26.09.2010, 16:42 | #1
Trojan after restoring the C drive

Hello,

My antivirus program reported 3 Trojans: 1 Dropper.Gen, 2/3 Crypt.XPAC.gen. After I had put them in quarantine, my laptop started acting up: every 10 minutes the blue screen came up, my internet browser did not work, and so on. When it even had problems booting, I restored the C drive.

Now my question: could it be that the viruses are still present after the restore?

OTL logfile:
Code:
OTL logfile created on: 26.09.2010 13:53:15 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Domeej\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 359,62 Gb Total Space | 331,91 Gb Free Space | 92,29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 6,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMEEJ-PC
Current User Name: Domeej
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe PRC - [2010.09.26 13:26:12 | 001,277,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Domeej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRVS14BX\wlmessengersetup-custom[1].exe PRC - [2010.09.26 06:20:54 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Marketing Tools\MarketingTools.exe PRC - [2010.09.26 06:02:50 | 000,243,312 | ---- | M] () -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser.exe PRC - [2009.10.12 10:45:12 | 000,312,784 | ---- | M] () -- C:\Programme\3DataManager\WTGService.exe PRC - [2009.10.12 10:44:48 | 008,181,200 | ---- | M] (WebToGo Mobile Internet GmbH) -- C:\Programme\3DataManager\3DataManager.exe PRC - [2009.02.20 16:27:06 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Programme\3DataManager\bmctl.exe PRC - [2008.11.25 14:40:33 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe PRC - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe PRC - [2008.11.22 04:33:20 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe PRC - [2008.11.06 14:58:14 | 000,794,232 | ---- | M] (McAfee, Inc.) 
-- C:\Programme\McAfee\MSC\McMscSvc.exe PRC - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe PRC - [2008.11.05 18:32:28 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe PRC - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe PRC - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008.10.14 17:07:30 | 000,776,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.09.30 02:04:57 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe PRC - [2008.09.30 02:04:57 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe PRC - [2008.09.30 02:04:55 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2008.09.05 12:54:58 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe PRC - [2008.08.28 20:21:36 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe PRC - [2008.08.25 04:57:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe PRC - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.07.23 18:52:06 | 000,206,112 | ---- | M] () -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe PRC - [2008.07.18 08:02:52 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe PRC - [2008.07.11 18:48:54 | 000,641,208 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe PRC - [2008.07.09 17:36:30 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe PRC - [2008.07.09 14:49:10 | 000,358,736 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe PRC - [2008.07.09 14:35:34 | 000,025,416 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe PRC - [2008.06.20 05:41:04 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe PRC - [2008.06.20 05:01:18 | 000,605,512 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008.04.03 20:32:48 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\sony\ISB Utility\ISBMgr.exe PRC - [2008.03.25 04:32:44 | 000,218,496 | R--- | M] (Adobe Systems, Inc.) 
-- C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe PRC - [2008.01.21 04:24:49 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ieuser.exe PRC - [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.21 04:23:50 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe PRC - [2008.01.21 04:23:33 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe MOD - [2008.07.23 18:52:10 | 000,012,576 | ---- | M] () -- C:\Programme\McAfee\SiteAdvisor\sahook.dll MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2009.10.12 10:45:12 | 000,312,784 | ---- | M] () [Auto | Running] -- C:\Programme\3DataManager\WTGService.exe -- (WTGService) SRV - [2008.11.25 14:40:33 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2008.11.25 14:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008.11.06 14:58:14 | 000,794,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\McMscSvc.exe -- (mcmscsvc) SRV - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008.10.21 10:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008.10.21 10:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008.10.21 10:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008.10.01 18:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008.09.19 10:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) 
[Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008.09.08 09:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.08.01 14:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.07.23 18:52:06 | 000,206,112 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2008.07.18 08:02:52 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2008.07.09 17:36:30 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2008.07.09 14:49:10 | 000,358,736 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2008.07.09 14:35:34 | 000,025,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service) SRV - [2008.06.20 13:10:22 | 000,361,800 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2008.06.20 05:41:04 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2008.06.20 05:01:18 | 000,605,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2008.05.20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2008.05.20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2008.05.20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2008.01.21 04:24:45 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not 
found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010.09.26 13:14:31 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2009.09.10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.10.24 02:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008.10.23 02:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008.10.23 02:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.10.21 03:17:13 | 000,018,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2008.10.21 03:17:12 | 000,109,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2008.10.21 03:17:12 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008.10.21 03:16:52 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap) DRV - [2008.10.17 12:28:48 | 002,149,912 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008.09.30 02:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.09.25 02:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.08.28 23:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.08.22 17:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008.08.22 02:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008.06.27 06:08:40 | 000,207,656 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2008.06.27 06:08:40 | 000,079,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2008.06.27 06:08:40 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2008.06.27 06:08:40 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2008.06.20 05:41:38 | 000,034,152 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2008.06.07 02:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008.06.02 14:56:02 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP) DRV - [2008.04.24 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2008.03.27 02:54:41 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2008.01.25 04:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008.01.25 04:14:16 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2008.01.25 04:14:12 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008.01.25 04:14:12 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008.01.21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.09.26 13:27:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\3-addons\addon [2010.09.26 13:14:35 | 000,000,000 | ---D | M] O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (McAfee Phishing Filter) - 
{27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Programme\McAfee\MSK\mskapbho.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll (Google Inc.) 
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll () O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll () O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) 
O4 - HKLM..\Run: [McENUI] C:\Programme\McAfee\MHN\McENUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) 
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - 
c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1600x900.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1600x900.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () - G:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2008.06.16 18:14:06 | 000,000,057 | R--- | M] () - G:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{cd6c00ab-c95e-11df-ac95-001dbaadd9b1}\Shell - "" = AutoRun O33 - MountPoints2\{cd6c00ab-c95e-11df-ac95-001dbaadd9b1}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () O33 - MountPoints2\{cd6c00d3-c95e-11df-ac95-001dbaadd9b1}\Shell - "" = AutoRun O33 - 
MountPoints2\{cd6c00d3-c95e-11df-ac95-001dbaadd9b1}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.26 13:56:47 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Tracing [2010.09.26 13:52:55 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe [2010.09.26 13:48:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft [2010.09.26 13:47:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010.09.26 13:47:48 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive [2010.09.26 13:47:31 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live [2010.09.26 13:26:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live [2010.09.26 13:22:39 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2010.09.26 13:22:38 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2010.09.26 13:22:16 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2010.09.26 13:22:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2010.09.26 13:22:01 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Macromedia [2010.09.26 13:19:28 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Google [2010.09.26 13:16:48 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\3DataManager [2010.09.26 13:15:02 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2010.09.26 13:15:02 | 000,101,248 | ---- | C] (Huawei Technologies Co., Ltd.) 
-- C:\Windows\System32\drivers\ewusbdev.sys [2010.09.26 13:15:02 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2010.09.26 13:14:35 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll [2010.09.26 13:14:35 | 000,471,040 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll [2010.09.26 13:14:35 | 000,294,912 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll [2010.09.26 13:14:35 | 000,126,976 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin [2010.09.26 13:14:35 | 000,008,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll [2010.09.26 13:14:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Program Files [2010.09.26 13:14:34 | 000,022,528 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys [2010.09.26 13:14:34 | 000,018,816 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys [2010.09.26 13:14:34 | 000,000,000 | ---D | C] -- C:\Programme\3-addons [2010.09.26 13:14:31 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) 
-- C:\Windows\System32\drivers\ewusbmdm.sys [2010.09.26 13:14:30 | 000,000,000 | ---D | C] -- C:\Programme\3DataManager [2010.09.26 08:58:41 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Sony_Corporation [2010.09.26 08:58:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\ATI [2010.09.26 08:58:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\ATI [2010.09.26 08:58:31 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Sony Corporation [2010.09.26 08:55:16 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\VirtualStore [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Vorlagen [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Verlauf [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Temporary Internet Files [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Startmenü [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\SendTo [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Recent [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Lokale Einstellungen [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Druckumgebung [2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Anwendungsdaten [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Netzwerkumgebung [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Videos [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Musik [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Eigene Dateien [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Bilder [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Cookies [2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Anwendungsdaten [2010.09.26 08:55:07 | 000,000,000 | --SD | C] -- 
C:\Users\Domeej\AppData\Roaming\Microsoft [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Videos [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Searches [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Saved Games [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Pictures [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Music [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Links [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Favorites [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Downloads [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Documents [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Desktop [2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Contacts [2010.09.26 08:55:07 | 000,000,000 | -H-D | C] -- C:\Users\Domeej\AppData [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Temp [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Roaming [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Microsoft [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Media Center Programs [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Identities [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Google [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Documents\Eigene Google Gadgets [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Broadcom [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Documents\Bluetooth-Exchange-Ordner [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Adobe [2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Adobe [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- 
C:\ProgramData\Vorlagen [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Programme [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2010.09.26 06:35:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming [2010.09.26 06:35:24 | 000,000,000 | ---D | C] -- C:\Programme\Cisco [2010.09.26 06:35:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Intel [2010.09.26 06:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2010.09.26 06:34:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InterVideo [2010.09.26 06:32:43 | 000,000,000 | ---D | C] -- C:\Programme\InterVideo [2010.09.26 06:31:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010.09.26 06:31:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010.09.26 06:31:53 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010.09.26 06:31:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010.09.26 06:31:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010.09.26 06:31:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010.09.26 06:31:52 | 002,414,360 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010.09.26 06:31:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010.09.26 06:31:52 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010.09.26 06:31:52 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010.09.26 06:31:52 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010.09.26 06:31:52 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010.09.26 06:31:52 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010.09.26 06:31:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010.09.26 06:31:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010.09.26 06:31:48 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010.09.26 06:31:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010.09.26 06:31:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010.09.26 06:31:47 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2010.09.26 06:31:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.09.26 06:31:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2010.09.26 06:31:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010.09.26 06:31:31 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2010.09.26 06:31:06 | 000,000,000 | ---D | C] -- C:\Documentation [2010.09.26 06:28:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010.09.26 06:27:19 | 000,098,304 | 
---- | C] (Sony Corporation) -- C:\Windows\System32\VESWinlogon.dll [2010.09.26 06:23:01 | 000,155,648 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwo.dll [2010.09.26 06:23:01 | 000,147,456 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIds.dll [2010.09.26 06:23:01 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwd.dll [2010.09.26 06:22:40 | 000,135,168 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangRUSony.dll [2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangITSony.dll [2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangFRSony.dll [2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangESSony.dll [2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangDESony.dll [2010.09.26 06:22:40 | 000,077,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangJASony.dll [2010.09.26 06:22:40 | 000,069,632 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangZHSony.dll [2010.09.26 06:22:22 | 000,770,048 | ---- | C] (Gracenote) -- C:\Windows\System32\CDDBUISony.dll [2010.09.26 06:22:22 | 000,655,360 | ---- | C] (Gracenote, Inc.) 
-- C:\Windows\System32\CDDBControlSony.dll [2010.09.26 06:22:22 | 000,589,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbMusicIDSony.dll [2010.09.26 06:22:07 | 000,000,000 | ---D | C] -- C:\Programme\Skype [2010.09.26 06:22:07 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2010.09.26 06:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.09.26 06:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2010.09.26 06:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2010.09.26 06:21:40 | 000,000,000 | ---D | C] -- C:\Programme\Roxio [2010.09.26 06:21:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Sonic Shared [2010.09.26 06:21:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Roxio Shared [2010.09.26 06:14:35 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office Suite Activation Assistant [2010.09.26 06:12:09 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll [2010.09.26 06:11:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2010.09.26 06:11:24 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER [2010.09.26 06:11:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.09.26 06:11:11 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET [2010.09.26 06:09:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2010.09.26 06:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2010.09.26 06:09:34 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010.09.26 06:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor [2010.09.26 06:04:29 | 000,034,152 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys [2010.09.26 06:04:28 | 000,207,656 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys [2010.09.26 06:04:28 | 000,079,240 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2010.09.26 06:04:28 | 000,040,488 | ---- | C] (McAfee, Inc.) 
-- C:\Windows\System32\drivers\mfesmfk.sys [2010.09.26 06:04:28 | 000,035,240 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2010.09.26 06:04:26 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2010.09.26 06:03:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\McAfee [2010.09.26 06:03:31 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com [2010.09.26 06:03:28 | 000,000,000 | ---D | C] -- C:\Programme\McAfee [2010.09.26 06:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2010.09.26 06:03:07 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll [2010.09.26 06:03:07 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL [2010.09.26 06:03:01 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll [2010.09.26 06:03:01 | 000,017,920 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010.09.26 06:02:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ArcSoft [2010.09.26 06:02:58 | 000,000,000 | ---D | C] -- C:\Programme\ArcSoft [2010.09.26 06:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.09.26 06:01:23 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2010.09.26 05:57:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine [2010.09.26 05:56:25 | 000,000,000 | ---D | C] -- C:\Programme\Picasa2 [2010.09.26 05:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010.09.26 05:54:39 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies [2010.09.26 05:53:59 | 000,000,000 | ---D | C] -- C:\Programme\Big Fish Games Spiel-Suite [2010.09.26 05:52:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF [2010.09.26 05:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010.09.26 05:46:19 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll [2010.09.26 05:46:19 | 000,072,176 | ---- | C] (Sonic 
Solutions) -- C:\Windows\System32\pxhpinst.exe [2010.09.26 05:45:25 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys [2010.09.26 05:45:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.09.26 05:33:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2010.09.26 13:57:24 | 001,310,720 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT [2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe [2010.09.26 13:18:36 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.26 13:18:36 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.09.26 13:18:36 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.09.26 13:18:36 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.09.26 13:18:36 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.09.26 13:14:36 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\3DataManager.lnk [2010.09.26 13:14:31 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2010.09.26 13:14:31 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys [2010.09.26 13:14:31 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) 
-- C:\Windows\System32\drivers\ewdcsc.sys [2010.09.26 13:11:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.26 13:11:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.26 13:11:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.26 13:11:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.26 13:11:37 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys [2010.09.26 12:50:50 | 000,003,307 | ---- | M] () -- C:\Windows\System32\Config.MPF [2010.09.26 12:50:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.09.26 12:50:49 | 000,524,288 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010.09.26 12:50:49 | 000,524,288 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.09.26 12:50:49 | 000,065,536 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.09.26 12:50:42 | 001,497,539 | -H-- | M] () -- C:\Users\Domeej\AppData\Local\IconCache.db [2010.09.26 09:49:57 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf [2010.09.26 09:19:48 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr [2010.09.26 09:19:39 | 000,330,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.09.26 09:19:28 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job [2010.09.26 09:19:28 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job [2010.09.26 08:58:34 | 000,001,111 | ---- | M] () -- C:\Users\Domeej\Desktop\Google Desktop.lnk [2010.09.26 08:57:03 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\104D_Sony_VGN-FW31E.mrk [2010.09.26 08:55:17 | 000,080,712 | ---- | M] () -- 
C:\Users\Domeej\AppData\Local\GDIPFONTCACHEV1.DAT [2010.09.26 06:31:04 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI [2010.09.26 06:14:37 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk [2010.09.26 06:08:19 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Me&My VAIO.lnk [2010.09.26 06:07:39 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2010.09.26 06:01:31 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk [2010.09.26 06:01:27 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk [2010.09.26 05:52:02 | 000,000,002 | ---- | M] () -- C:\Windows\System32\Snyres.oem [2010.09.26 05:46:05 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI ========== Files Created - No Company Name ========== [2010.09.26 13:14:36 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\3DataManager.lnk [2010.09.26 09:19:47 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr [2010.09.26 08:57:03 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\104D_Sony_VGN-FW31E.mrk [2010.09.26 08:55:13 | 000,524,288 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010.09.26 08:55:13 | 000,524,288 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.09.26 08:55:13 | 000,262,144 | -H-- | C] () -- C:\Users\Domeej\ntuser.dat.LOG1 [2010.09.26 08:55:13 | 000,065,536 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.09.26 08:55:13 | 000,000,000 | -H-- | C] () -- C:\Users\Domeej\ntuser.dat.LOG2 [2010.09.26 08:55:12 | 000,001,356 | ---- | C] () -- C:\Users\Domeej\AppData\Local\d3d9caps.dat [2010.09.26 08:55:07 | 001,310,720 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT [2010.09.26 08:55:07 | 000,001,111 | ---- | C] () -- 
C:\Users\Domeej\Desktop\Google Desktop.lnk [2010.09.26 08:55:07 | 000,000,020 | -HS- | C] () -- C:\Users\Domeej\ntuser.ini [2010.09.26 06:31:04 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2010.09.26 06:22:49 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2010.09.26 06:14:37 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk [2010.09.26 06:08:19 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Me&My VAIO.lnk [2010.09.26 06:07:49 | 000,003,307 | ---- | C] () -- C:\Windows\System32\Config.MPF [2010.09.26 06:07:39 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2010.09.26 06:03:56 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job [2010.09.26 06:03:54 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\McQcTask.job [2010.09.26 06:01:31 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk [2010.09.26 06:01:27 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk [2010.09.26 05:52:02 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Snyres.oem [2010.09.26 05:33:48 | 3186,663,424 | -HS- | C] () -- C:\hiberfil.sys [2008.11.25 20:42:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008.08.08 19:14:10 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.08.08 19:11:22 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest [2008.08.08 19:11:22 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest [2008.08.08 19:10:34 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll < End of report > Malewarebyte Logfile: www.malwarebytes.org Datenbank Version: 4052 Windows 
6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

26.09.2010 17:27:33
mbam-log-2010-09-26 (17-27-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 218081
Laufzeit: 1 Stunde(n), 47 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
26.09.2010, 18:58 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan after restoring the C drive |
26.09.2010, 19:00 | #3 | |
Banned | Trojan after restoring the C drive Quote: |