Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Dringend 80 Viren

Dringend 80 Viren


Plagegeister aller Art und deren Bekämpfung: Dringend 80 Viren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 03.07.2012, 23:32   #1
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hallo
Mein Computer ist seit ein paar Tagen langsamer geworden. Ich habe Malwarebytes laufen lassen und das Programm hat 80! Viren und Trojaner gefunden. Eine Logdatei gibt es.
Was ist jetzt am besten zu tun?




Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Alsenbesy :: ALSENBESY-VAIO [Administrator]

03/07/2012 22:51:11
mbam-log-2012-07-03 (22-51-11).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214522
Laufzeit: 4 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Users\Alsenbesy\AppData\Roaming\4114.exe (Trojan.FakeMS) -> 3328 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 9
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|zaber0 (Worm.Autorun.B) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr4nd3 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12341\newcont4rnd3.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr3nd3 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12340\newcont3rnd3.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr1nd1 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12300\newcont1rnd1.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr2nd2 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12320\newcont2rnd2.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr9nd9 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12399\newcont9rnd9.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr7nd7 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12377\newcont7rnd7.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|newcontr8nd8 (Trojan.Downloader) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12388\newcont8rnd8.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Worm.AutoRun) -> Daten: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12388\newcont8rnd8.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12377\newcont7rnd7.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12399\newcont9rnd9.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12320\newcont2rnd2.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12300\newcont1rnd1.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12340\newcont3rnd3.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12341\newcont4rnd3.exe,explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell) -> Bösartig: (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12388\newcont8rnd8.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12377\newcont7rnd7.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12399\newcont9rnd9.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12320\newcont2rnd2.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12300\newcont1rnd1.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12340\newcont3rnd3.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12341\newcont4rnd3.exe,explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe) Gut: (Explorer.exe) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 1
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830 (Worm.AutoRun) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 69
C:\Users\Alsenbesy\AppData\Roaming\4114.exe (Trojan.FakeMS) -> Löschen bei Neustart.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe (Worm.Autorun.B) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12341\newcont4rnd3.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12340\newcont3rnd3.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12300\newcont1rnd1.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12320\newcont2rnd2.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12399\newcont9rnd9.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12377\newcont7rnd7.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12388\newcont8rnd8.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\15E0.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\196A.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\1CF2.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\1F38.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\208B.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\2DC9.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\3055.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\34CC.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\379D.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\497.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\51C9.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\52A1.exe (Trojan.Spammer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\5B6C.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\5CAF.exe (Trojan.Spammer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\62D.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\6641.exe (Trojan.Spammer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\69D9.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\6B31.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\6B62.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\6C1C.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\7455.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\752F.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\7647.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\7A6F.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\7EC2.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\847E.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\85B6.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\8CDD.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\8E8.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\974F.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\9A8F.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\9EE2.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\A98D.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\A9F.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\AAFE.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\ABDF.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\B18.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\BB14.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\BC71.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\BFB.exe (Trojan.Agent.H) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\C061.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\C6DD.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\C844.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\CB03.exe (Malware.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\D353.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\D7BF.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\E1B9.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\E3ED.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\E4D9.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\E766.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\E93D.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\EAFA.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\ED80.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\EDCA.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\EE69.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\F251.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\F344.exe (Trojan.FakeMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alsenbesy\AppData\Roaming\F872.exe (Trojan.BTSoft.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Update23.job (Trojan.Jusched) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830\Desktop.ini (Worm.AutoRun) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Alt 04.07.2012, 07:39   #2
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread
  • Zusätzlich folgendes Programm runterladen LanmanCheck ausführen und Ausgabe abkopieren und posten

chris
__________________

__________________
Alt 04.07.2012, 13:40   #3
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04/07/2012 13:39:04 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Alsenbesy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001809 | Country: Irland | Language: ENI | Date Format: dd/MM/yyyy
 
3.86 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 51.60% Memory free
7.71 Gb Paging File | 5.04 Gb Available in Paging File | 65.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.14 Gb Total Space | 396.43 Gb Free Space | 87.10% Space Free | Partition Type: NTFS
 
Computer Name: ALSENBESY-VAIO | User Name: Alsenbesy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Alsenbesy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Capture.exe ()
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\mikogo-host.exe ()
PRC - C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Service.exe ()
PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll ()
MOD - C:\PROGRA~2\Google\Chrome\APPLIC~1\200113~1.47\gcswf32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (M4-Service) -- C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Service.exe ()
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (gtstusbser_64) -- C:\Windows\SysNative\drivers\gtstusbser_64.sys (Option N.V.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (gtstusbser_64) -- C:\Windows\SysWOW64\drivers\gtstusbser_64.sys (Option N.V.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Entertainment, News, Sport, Lifestyle and Games at MSN Ireland
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 C7 08 54 D4 0C CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{2718B482-2833-49AE-B551-6B2CB6D732E3}: "URL" = Shopping.com Deutschland - der große Produkt- und Preisvergleich
IE - HKCU\..\SearchScopes\{2B78B840-DEEA-48AF-AE01-BE502EDACA3D}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKCU\..\SearchScopes\{39376645-4655-458A-A678-92206D85EE10}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{3FA07013-7A05-4BE3-A3D2-44230EF23A83}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_de___DE397
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={AD25DDA7-E076-4A76-BEF6-DB1FCA8A676F}&mid=e4648ee3536c47d1995a21328d29df48-6b9b6ec1e489b3c345477ad329072f58cb7fbb7a&lang=en&ds=AVG&pr=pr&d=2012-02-22 15:04:05&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Alsenbesy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
 
[2011/09/29 22:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alsenbesy\AppData\Roaming\mozilla\Extensions
[2012/02/22 15:04:01 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Alsenbesy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Alsenbesy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Alsenbesy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMTDeviceService] C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Alsenbesy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Kxygyq] C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DB63988-98C6-4312-8B36-AA4B2FAA958F}: DhcpNameServer = 192.168.88.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{073e1bd0-c6c3-11e0-baef-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{073e1bd0-c6c3-11e0-baef-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{073e1bd5-c6c3-11e0-baef-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{073e1bd5-c6c3-11e0-baef-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e08291c-c112-11df-8863-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{0e08291c-c112-11df-8863-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\QsSetup.exe
O33 - MountPoints2\{4ae19a2c-e45b-11df-bc47-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae19a2c-e45b-11df-bc47-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\MediaManager.exe
O33 - MountPoints2\{50623e1e-c093-11e0-946a-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{50623e1e-c093-11e0-946a-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{50623e29-c093-11e0-946a-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{50623e29-c093-11e0-946a-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{663cfaba-cd9d-11df-b65b-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{663cfaba-cd9d-11df-b65b-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{663cfabe-cd9d-11df-b65b-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{663cfabe-cd9d-11df-b65b-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6fde1ed2-585f-11e0-becc-5442490fbe58}\Shell - "" = AutoRun
O33 - MountPoints2\{6fde1ed2-585f-11e0-becc-5442490fbe58}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{76e02415-cbc6-11df-8d1b-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{76e02415-cbc6-11df-8d1b-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{76e0241e-cbc6-11df-8d1b-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{76e0241e-cbc6-11df-8d1b-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{8e638f41-e07c-11df-92c0-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{8e638f41-e07c-11df-92c0-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ad2e9b00-cbe8-11df-92ce-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{ad2e9b00-cbe8-11df-92ce-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ad2e9b04-cbe8-11df-92ce-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{ad2e9b04-cbe8-11df-92ce-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b0cc8180-4381-11e1-8d62-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{b0cc8180-4381-11e1-8d62-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{cb76c2f5-ccde-11df-ba5b-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{cb76c2f5-ccde-11df-ba5b-f07bcbcd36bb}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ce7f5f84-4fe0-11e1-9092-f07bcbcd36bb}\Shell - "" = AutoRun
O33 - MountPoints2\{ce7f5f84-4fe0-11e1-9092-f07bcbcd36bb}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\MediaManager.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/07/03 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\Documents\Mikogo4
[2012/07/03 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\Mikogo4
[2012/07/03 23:35:43 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mikogo 4
[2012/07/03 23:35:38 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4
[2012/07/03 22:42:59 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Malwarebytes
[2012/07/03 22:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/03 22:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/03 22:42:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/03 22:42:10 | 000,000,000 | ---D | C] -- C:\Windows\Malwarebytes' Anti-Malware
[2012/06/29 20:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/06/29 20:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/06/29 20:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/06/26 21:40:19 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/26 21:40:19 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/26 21:40:19 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/26 21:40:08 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/26 21:40:08 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/26 21:40:07 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/26 21:39:58 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/26 21:39:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/24 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\Windows Live
[2012/06/24 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\{9B9CDE75-F4BD-4A8F-8DB6-778AB17F5E08}
[2012/06/14 09:15:45 | 000,918,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/14 09:15:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/14 09:15:32 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/14 09:15:31 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/14 09:15:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/14 09:15:30 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/14 09:15:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/14 09:15:30 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/14 09:15:30 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/14 09:13:55 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/14 09:13:53 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/14 09:13:52 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/14 09:13:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/14 09:13:43 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/14 09:13:42 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/14 09:13:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/14 09:13:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/14 09:13:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/07 20:31:39 | 000,000,000 | ---D | C] -- C:\RECYCLER
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[12 C:\Users\Alsenbesy\Desktop\*.tmp files -> C:\Users\Alsenbesy\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Alsenbesy\Documents\*.tmp files -> C:\Users\Alsenbesy\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/04 13:41:47 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/04 13:35:44 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000Core.job
[2012/07/04 13:30:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/04 13:27:19 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000UA.job
[2012/07/04 13:27:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/03 23:35:44 | 000,000,964 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\Mikogo 4.lnk
[2012/07/03 23:08:28 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 23:08:28 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 23:06:56 | 001,569,702 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/03 23:06:56 | 000,684,372 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/07/03 23:06:56 | 000,633,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/03 23:06:56 | 000,142,150 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/07/03 23:06:56 | 000,116,736 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/03 23:00:33 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/03 22:49:14 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/03 21:17:48 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2363.exe
[2012/07/03 14:53:42 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\7D7A.exe
[2012/07/03 14:53:36 | 000,049,664 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6410.exe
[2012/07/03 11:59:36 | 000,049,664 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\68F1.exe
[2012/07/03 11:59:28 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\4AC6.exe
[2012/07/03 11:59:19 | 000,016,352 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2635.exe
[2012/07/02 21:44:12 | 000,049,664 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\36EA.exe
[2012/07/02 21:44:00 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\9B1.exe
[2012/07/02 00:23:54 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\3C6B.exe
[2012/07/02 00:23:17 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\AA59.exe
[2012/07/02 00:23:04 | 000,028,616 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\7802.exe
[2012/07/01 21:54:55 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\D51B.exe
[2012/07/01 08:46:26 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6C14.exe
[2012/07/01 08:46:10 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2A81.exe
[2012/07/01 08:45:52 | 000,012,264 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\E621.exe
[2012/07/01 08:39:36 | 000,016,352 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2725.exe
[2012/07/01 08:38:56 | 000,008,176 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\8C5B.exe
[2012/07/01 07:49:33 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\565B.exe
[2012/07/01 07:49:14 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B08.exe
[2012/06/30 20:30:04 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\CFCD.exe
[2012/06/29 21:14:40 | 000,024,528 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\525F.exe
[2012/06/29 21:14:12 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\E5B7.exe
[2012/06/29 20:59:06 | 000,045,056 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\1454.exe
[2012/06/29 20:58:50 | 000,028,616 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\D550.exe
[2012/06/29 20:57:57 | 000,024,528 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\812.exe
[2012/06/29 20:50:55 | 000,001,409 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\Spybot - Search & Destroy.lnk
[2012/06/29 19:13:10 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\15F4.exe
[2012/06/29 19:12:57 | 000,008,176 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\E5CF.exe
[2012/06/29 19:11:53 | 000,008,176 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\EA7F.exe
[2012/06/29 19:08:01 | 000,012,264 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6103.exe
[2012/06/28 03:19:09 | 000,010,752 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/28 02:58:39 | 000,044,968 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C90F.exe
[2012/06/28 02:49:08 | 000,012,135 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\SevereUlcerative_Colitis12.jpg
[2012/06/28 02:48:25 | 000,007,604 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\100802173715.jpg
[2012/06/28 02:46:36 | 000,026,264 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\150px-cd_colitis_2.jpg
[2012/06/28 00:08:09 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\AE2B.exe
[2012/06/28 00:07:44 | 000,008,176 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\4EFA.exe
[2012/06/27 01:26:14 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\F1C7.exe
[2012/06/27 01:26:02 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C00C.exe
[2012/06/27 01:25:39 | 000,024,528 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6648.exe
[2012/06/27 00:47:51 | 000,008,176 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\CA33.exe
[2012/06/27 00:45:10 | 000,016,352 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\562A.exe
[2012/06/26 00:38:11 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B0F1.exe
[2012/06/26 00:37:33 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\19A1.exe
[2012/06/25 22:51:12 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\5BE9.exe
[2012/06/25 21:53:42 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B941.exe
[2012/06/25 01:35:17 | 000,024,528 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\8D46.exe
[2012/06/25 01:34:50 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\22FE.exe
[2012/06/25 01:24:31 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\AF92.exe
[2012/06/25 01:24:06 | 000,044,968 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\5003.exe
[2012/06/24 00:26:01 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C765.exe
[2012/06/24 00:25:50 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\9A0D.exe
[2012/06/24 00:16:54 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6D32.exe
[2012/06/24 00:16:07 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B70C.exe
[2012/06/24 00:07:33 | 000,000,000 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\DF62.exe
[2012/06/24 00:07:22 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B2C5.exe
[2012/06/23 23:54:55 | 000,032,704 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\4E66.exe
[2012/06/23 23:54:07 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\9044.exe
[2012/06/23 23:36:17 | 000,057,232 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\3EB8.exe
[2012/06/20 12:54:25 | 000,016,352 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\85C6.exe
[2012/06/20 12:14:44 | 000,024,528 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2F4A.exe
[2012/06/20 12:12:33 | 000,098,952 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2F59.exe
[2012/06/19 01:12:18 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\FB84.exe
[2012/06/19 00:38:56 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\70DC.exe
[2012/06/18 00:44:52 | 000,044,032 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\347D.exe
[2012/06/18 00:44:44 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\129A.exe
[2012/06/17 23:50:07 | 000,044,032 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\F825.exe
[2012/06/17 23:50:02 | 000,048,640 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\E5FB.exe
[2012/06/17 23:49:59 | 000,000,298 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\DC3A.exe
[2012/06/16 21:54:38 | 000,048,640 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\A39A.exe
[2012/06/16 21:54:36 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\9B50.exe
[2012/06/16 21:54:33 | 000,044,032 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\8E92.exe
[2012/06/16 21:50:30 | 000,044,032 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\D947.exe
[2012/06/16 21:50:25 | 000,048,640 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C70E.exe
[2012/06/16 21:48:42 | 000,000,193 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\34EB.exe
[2012/06/16 21:06:11 | 000,000,180 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\4906.exe
[2012/06/16 21:06:09 | 000,048,640 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\41F3.exe
[2012/06/16 21:06:04 | 000,000,298 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2BA4.exe
[2012/06/16 20:58:11 | 000,044,032 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\F46E.exe
[2012/06/16 20:58:05 | 000,048,640 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\DE8C.exe
[2012/06/16 20:57:59 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C7A2.exe
[2012/06/16 20:48:57 | 000,454,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/15 15:09:05 | 000,210,058 | ---- | M] () -- C:\Users\Alsenbesy\Documents\cc_20120615_150832.reg
[2012/06/15 14:53:59 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\1357.exe
[2012/06/15 14:53:55 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2E1.exe
[2012/06/15 13:41:01 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\4672.exe
[2012/06/15 13:40:59 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\3D1E.exe
[2012/06/14 21:27:53 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\D264.exe
[2012/06/14 21:27:48 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\BFDC.exe
[2012/06/14 17:51:30 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B6F0.exe
[2012/06/14 17:51:26 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\AA81.exe
[2012/06/13 01:59:47 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\29E2.exe
[2012/06/13 01:59:43 | 000,000,298 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\1798.exe
[2012/06/13 01:30:25 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\46A2.exe
[2012/06/13 01:30:18 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\2961.exe
[2012/06/12 03:04:55 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\CA61.exe
[2012/06/12 03:04:53 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C17B.exe
[2012/06/11 23:14:30 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\118E.exe
[2012/06/11 23:14:23 | 000,099,984 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\F804.exe
[2012/06/09 13:13:32 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6CB7.exe
[2012/06/09 01:39:24 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\9020.exe
[2012/06/09 00:23:56 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\7003.exe
[2012/06/08 23:20:12 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\88D0.exe
[2012/06/08 22:21:32 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\C055.exe
[2012/06/08 21:48:44 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\B665.exe
[2012/06/08 19:22:45 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\37F2.exe
[2012/06/08 16:39:14 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\8536.exe
[2012/06/08 12:07:40 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\8E7.exe
[2012/06/08 12:07:34 | 000,113,792 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\F362.exe
[2012/06/08 01:46:56 | 000,040,960 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\6A19.exe
[2012/06/07 20:32:38 | 000,126,976 | -H-- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe
[2012/06/07 20:31:23 | 000,113,792 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Roaming\E009.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[12 C:\Users\Alsenbesy\Desktop\*.tmp files -> C:\Users\Alsenbesy\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Alsenbesy\Documents\*.tmp files -> C:\Users\Alsenbesy\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/03 23:35:44 | 000,000,964 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\Mikogo 4.lnk
[2012/07/03 22:42:12 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/03 21:17:48 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2363.exe
[2012/07/03 14:53:42 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7D7A.exe
[2012/07/03 14:53:36 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6410.exe
[2012/07/03 11:59:36 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\68F1.exe
[2012/07/03 11:59:28 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4AC6.exe
[2012/07/03 11:59:19 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2635.exe
[2012/07/02 21:44:12 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\36EA.exe
[2012/07/02 21:44:00 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9B1.exe
[2012/07/02 00:23:54 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3C6B.exe
[2012/07/02 00:23:17 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AA59.exe
[2012/07/02 00:23:04 | 000,028,616 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7802.exe
[2012/07/01 21:54:55 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D51B.exe
[2012/07/01 08:46:26 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6C14.exe
[2012/07/01 08:46:10 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2A81.exe
[2012/07/01 08:45:52 | 000,012,264 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E621.exe
[2012/07/01 08:39:36 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2725.exe
[2012/07/01 08:38:56 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8C5B.exe
[2012/07/01 07:49:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\565B.exe
[2012/07/01 07:49:14 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B08.exe
[2012/06/30 20:30:04 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CFCD.exe
[2012/06/29 21:14:40 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\525F.exe
[2012/06/29 21:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5B7.exe
[2012/06/29 20:59:06 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1454.exe
[2012/06/29 20:58:50 | 000,028,616 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D550.exe
[2012/06/29 20:57:57 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\812.exe
[2012/06/29 20:33:00 | 000,001,409 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\Spybot - Search & Destroy.lnk
[2012/06/29 19:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\15F4.exe
[2012/06/29 19:12:57 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5CF.exe
[2012/06/29 19:11:53 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\EA7F.exe
[2012/06/29 19:08:01 | 000,012,264 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6103.exe
[2012/06/28 02:58:39 | 000,044,968 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C90F.exe
[2012/06/28 02:49:11 | 000,012,135 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\SevereUlcerative_Colitis12.jpg
[2012/06/28 02:48:30 | 000,007,604 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\100802173715.jpg
[2012/06/28 02:46:42 | 000,026,264 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\150px-cd_colitis_2.jpg
[2012/06/28 00:08:09 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AE2B.exe
[2012/06/28 00:07:44 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4EFA.exe
[2012/06/27 01:26:14 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F1C7.exe
[2012/06/27 01:26:02 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C00C.exe
[2012/06/27 01:25:39 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6648.exe
[2012/06/27 00:47:51 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CA33.exe
[2012/06/27 00:45:10 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\562A.exe
[2012/06/26 22:00:37 | 000,033,381 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\Bild46.jpg
[2012/06/26 17:01:31 | 000,000,115 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\REDIRECT_1_.ASX
[2012/06/26 00:38:11 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B0F1.exe
[2012/06/26 00:37:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\19A1.exe
[2012/06/25 22:51:12 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\5BE9.exe
[2012/06/25 21:53:42 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B941.exe
[2012/06/25 01:35:17 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8D46.exe
[2012/06/25 01:34:50 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\22FE.exe
[2012/06/25 01:24:31 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AF92.exe
[2012/06/25 01:24:06 | 000,044,968 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\5003.exe
[2012/06/24 00:26:01 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C765.exe
[2012/06/24 00:25:50 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9A0D.exe
[2012/06/24 00:16:54 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6D32.exe
[2012/06/24 00:16:07 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B70C.exe
[2012/06/24 00:07:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DF62.exe
[2012/06/24 00:07:22 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B2C5.exe
[2012/06/23 23:54:55 | 000,032,704 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4E66.exe
[2012/06/23 23:54:07 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9044.exe
[2012/06/23 23:36:17 | 000,057,232 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3EB8.exe
[2012/06/20 12:54:25 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\85C6.exe
[2012/06/20 12:14:44 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2F4A.exe
[2012/06/20 12:12:33 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2F59.exe
[2012/06/19 01:12:18 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\FB84.exe
[2012/06/19 00:38:56 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\70DC.exe
[2012/06/18 00:44:52 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\347D.exe
[2012/06/18 00:44:44 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\129A.exe
[2012/06/17 23:50:07 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F825.exe
[2012/06/17 23:50:02 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5FB.exe
[2012/06/17 23:49:59 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DC3A.exe
[2012/06/16 21:54:38 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\A39A.exe
[2012/06/16 21:54:36 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9B50.exe
[2012/06/16 21:54:33 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8E92.exe
[2012/06/16 21:50:30 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D947.exe
[2012/06/16 21:50:25 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C70E.exe
[2012/06/16 21:48:42 | 000,000,193 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\34EB.exe
[2012/06/16 21:06:11 | 000,000,180 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4906.exe
[2012/06/16 21:06:09 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\41F3.exe
[2012/06/16 21:06:04 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2BA4.exe
[2012/06/16 20:58:11 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F46E.exe
[2012/06/16 20:58:05 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DE8C.exe
[2012/06/16 20:57:59 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C7A2.exe
[2012/06/15 15:08:40 | 000,210,058 | ---- | C] () -- C:\Users\Alsenbesy\Documents\cc_20120615_150832.reg
[2012/06/15 14:53:59 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1357.exe
[2012/06/15 14:53:55 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2E1.exe
[2012/06/15 13:41:01 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4672.exe
[2012/06/15 13:40:59 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3D1E.exe
[2012/06/14 21:27:53 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D264.exe
[2012/06/14 21:27:48 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\BFDC.exe
[2012/06/14 17:51:30 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B6F0.exe
[2012/06/14 17:51:26 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AA81.exe
[2012/06/13 01:59:47 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\29E2.exe
[2012/06/13 01:59:43 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1798.exe
[2012/06/13 01:30:25 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\46A2.exe
[2012/06/13 01:30:18 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2961.exe
[2012/06/12 03:04:55 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CA61.exe
[2012/06/12 03:04:53 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C17B.exe
[2012/06/11 23:14:30 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\118E.exe
[2012/06/11 23:14:23 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F804.exe
[2012/06/09 18:01:19 | 000,000,044 | ---- | C] () -- C:\Users\Alsenbesy\Documents\Track01.cda
[2012/06/09 13:13:32 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6CB7.exe
[2012/06/09 01:39:24 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9020.exe
[2012/06/09 00:23:56 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7003.exe
[2012/06/08 23:20:12 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\88D0.exe
[2012/06/08 22:21:32 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C055.exe
[2012/06/08 21:48:44 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B665.exe
[2012/06/08 19:22:45 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\37F2.exe
[2012/06/08 16:39:14 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8536.exe
[2012/06/08 12:07:40 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8E7.exe
[2012/06/08 12:07:34 | 000,113,792 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F362.exe
[2012/06/08 01:46:56 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6A19.exe
[2012/06/07 20:32:38 | 000,126,976 | -H-- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe
[2012/06/07 20:31:23 | 000,113,792 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E009.exe
[2012/01/25 17:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\{3FDEB50D-5F7B-4830-9C6E-E83285D50839}
[2011/03/14 21:16:55 | 000,000,132 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\wklnhst.dat
[2011/02/20 20:45:33 | 000,000,007 | ---- | C] () -- C:\Windows\SysWow64\win.dll
[2011/02/20 20:45:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\Data(8).dll
[2011/02/20 20:45:32 | 000,001,583 | ---- | C] () -- C:\Windows\SysWow64\Data(6).dll
[2011/02/20 20:45:32 | 000,001,582 | ---- | C] () -- C:\Windows\SysWow64\Data(5).dll
[2011/02/20 20:45:32 | 000,000,461 | ---- | C] () -- C:\Windows\SysWow64\Data(2).dll
[2011/02/20 20:45:32 | 000,000,061 | ---- | C] () -- C:\Windows\SysWow64\Data(1).dll
[2011/02/20 20:45:32 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\Data(9).dll
[2011/02/20 20:45:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysWow64\Data(4).dll
[2011/02/20 20:45:32 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\Data(10).dll
[2011/02/20 20:45:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Data(7).dll
[2011/01/17 21:06:20 | 000,000,097 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\fusioncache.dat
[2011/01/17 20:55:59 | 001,527,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/04 14:15:19 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/10/15 00:23:25 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010/10/15 00:13:05 | 000,010,752 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/28 13:32:56 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2010/09/20 10:56:03 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010/09/16 23:33:08 | 000,001,040 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI
[2008/06/23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/05/23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== Files - Unicode (All) ==========
[2012/05/08 13:28:33 | 000,000,000 | ---D | M](C:\Users\Alsenbesy\Desktop\??? ???????) -- C:\Users\Alsenbesy\Desktop\ملف الترقية
[2012/05/08 13:13:54 | 000,000,000 | ---D | C](C:\Users\Alsenbesy\Desktop\??? ???????) -- C:\Users\Alsenbesy\Desktop\ملف الترقية
[2012/03/29 13:34:39 | 000,000,000 | ---D | M](C:\Users\Alsenbesy\Desktop\????? ???????) -- C:\Users\Alsenbesy\Desktop\دمحمد السنبسى
[2012/03/19 12:12:14 | 000,000,000 | ---D | C](C:\Users\Alsenbesy\Desktop\????? ???????) -- C:\Users\Alsenbesy\Desktop\دمحمد السنبسى
[2012/03/19 04:00:39 | 000,549,376 | ---- | C] ()(C:\Users\Alsenbesy\Documents\?????.doc) -- C:\Users\Alsenbesy\Documents\دمحمد.doc
[2012/01/24 13:44:34 | 000,549,376 | ---- | M] ()(C:\Users\Alsenbesy\Documents\?????.doc) -- C:\Users\Alsenbesy\Documents\دمحمد.doc
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04/07/2012 13:39:04 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Alsenbesy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001809 | Country: Irland | Language: ENI | Date Format: dd/MM/yyyy
 
3.86 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 51.60% Memory free
7.71 Gb Paging File | 5.04 Gb Available in Paging File | 65.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.14 Gb Total Space | 396.43 Gb Free Space | 87.10% Space Free | Partition Type: NTFS
 
Computer Name: ALSENBESY-VAIO | User Name: Alsenbesy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025F358A-FDEE-4733-B245-2370B1911D61}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{06FDAE5A-3CCA-44E6-B1FF-0B42D58B0CB8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1263647F-E979-4144-9C73-F18F8EBEE120}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1D949165-0785-488F-9898-54506D419705}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{251803C3-7CDC-4F3B-8AF0-97754609B0AC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{3527B4E4-4A59-44AC-AEF7-999A5C3D623B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3D7F2CFD-2BAE-4233-B4E6-511FDB6D0B9A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{424ABD0B-3B2A-499B-ADF7-BE35AEF5A51A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{47D9111B-92BF-4EF4-B5B4-E71E4D81A987}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4D0A1D05-A2D3-4409-BE28-538065B6CCD4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{51FFCA5C-02C0-41F9-AE22-8D90CBF09330}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{56B26270-1CD0-4717-AD92-08D915B6DBBB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{654FC9A8-F166-4111-A06A-D1E16B193BD7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{66697842-5DA4-4CF4-8E92-021D33300744}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6E3181D3-9961-497F-9746-F4296CC66F2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6F5B3808-B6C2-4973-A09F-F3A30EC532F9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{80EF71A4-2435-44C7-8E2D-EB69F59A1A7F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8B3F9336-C06C-4515-9514-8885BC3A8F9B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{936879AF-2253-4E2A-BC4C-E38010E5F891}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{94750CCA-D4E7-40CF-9607-00B84C1F6E86}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BEBBE3F-D6C4-44D5-9F81-8662ADCADAC5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AA65E431-4A40-4FE7-B203-BBDBBD335E0D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AD541C14-3A87-4B8A-B8FC-45B917C72831}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF72DABF-8D2D-4E4A-989A-3CF9FA3FBD96}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B42545EB-4689-49BA-AE67-2B8B00ADCC2F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B6EF890E-54A7-47A2-B646-1E90C6CC7598}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{BB191A24-7D27-4E62-B2FF-06C4EBDDA746}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C71F36D2-C519-4F99-B3FB-60335180E6A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D0800F9C-7A6F-45CF-B234-B0BE7A4E1257}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E2A5033E-CB48-4393-96D2-BF2C93670EE5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{EA81BC9F-5D89-4B26-939B-1A2BFA79E456}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{EE3719E1-36F9-43C0-8F62-E68D2CFC490B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F0E33A84-CA7B-4D63-BEC1-5A391E6F16F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F864E7A2-832F-4565-B75D-B8C11C224DE0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0467DB73-F38B-4CC3-B068-B4A0F6FC60BD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0A72A68F-E0FF-45A5-BFD5-6A9614B64E67}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{17539303-1861-46F4-8D00-76BA294A7F9C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{1CDE1768-5BB8-48FB-9CEC-9F2A88C197C2}" = protocol=6 | dir=out | app=system | 
"{2FA61458-DA90-4A97-AEA2-C9CB08537563}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{37A28A8D-851C-47CF-B52D-CECCFF2F47F3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{39566D44-34DA-4517-8212-0D4DF496C18C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{42CB7990-B5E1-4A40-91FF-CB27E66014F1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{52CE0CD4-4ABB-43D3-9B0A-2AADAEAE2692}" = dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe | 
"{576E3499-CE2C-4552-8498-85BBCB7FE92E}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe | 
"{6C36F13D-951D-4769-86A7-5C0D120D9638}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{6D204041-7F92-43FF-ACF1-389B753CADFA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{72A66B94-02D5-4F90-B0AC-DB2033108E25}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{74C17095-D126-4CB9-AD2D-7B15B39B3550}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | 
"{7A120638-7B31-4141-9A68-73EB5AA023CC}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | 
"{7DADAA64-9BF1-40C1-BFB3-69EC812B92CE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{86DF2B2C-A30A-4462-A13D-9125BDA60722}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{87E73E03-D280-430E-A210-E2E3FC89C344}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8E5C0475-1604-474F-8986-381804505A94}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{92A82086-8066-4FE6-BC56-9F02FA911054}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{94B4FD11-D45D-4D01-8244-00E91CA01FFE}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{97DC0EE7-6C05-4F35-BCD2-7DC1BDD0E785}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9A3ED7B2-E636-4961-9983-ACD834AE4537}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A224346F-432C-499C-B36C-9518593F11DD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{AAEEA8B1-F5A6-493C-862D-9D728CFEEFF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB79174C-787C-4737-8356-568FEE78BC82}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B1F3247D-5C52-494C-BE67-916611578244}" = dir=in | app=c:\users\alsenbesy\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{B5BAFA86-5132-4682-B342-88B98BB55274}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B8F88D29-E37D-4D58-B16B-9C1DBADD28FE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{BC0796FD-B37E-431E-8493-890BC9FA25E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE5533B8-2233-49BA-8B93-64211664E4DD}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | 
"{C627788F-EB56-4F44-B17E-012365687B8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C7188C92-BD4B-461E-8031-73C1B4FAC545}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | 
"{D06656EE-3688-4E60-90C4-8A5521C3DAAA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E0C7F582-45EB-4EB0-90BD-EFC9B7934F38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E817F209-13C1-4345-A59F-E5E0BD07330C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EF203DA3-91FB-486F-BB36-8238275AD062}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{F526DC9B-4611-48D3-9171-5189B9EB996D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1163BE-5ECD-0303-87F7-35ED38BBB2E1}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A1F8353C-39A2-4327-867E-C6714131BEFC}" = Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BF456ADA-407C-BFA2-52DA-08ECE9E18549}" = ccc-utility64
"{C263ED32-78DB-40EB-8B12-2925C8213E28}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{08096C0A-B9B2-7F42-3760-BD9A1CBA9A6E}" = Catalyst Control Center Graphics Full Existing
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{10014C6B-F482-991B-8865-32BFEA347CE1}" = CCC Help Hungarian
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1404E04F-C98C-5195-251E-9CED867E37D7}" = CCC Help French
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1AA0193C-398B-D400-A156-C060CFDDF132}" = Catalyst Control Center Core Implementation
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{233C14B1-D05F-96A7-1509-C87417F899F8}" = CCC Help Turkish
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{2637552C-A1EE-D6C9-3D9E-716BCB76081D}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{395AB8C5-F3A8-4380-8718-7A11EC5829F6}" = iCON 210
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{49939C5A-7835-120D-1195-7374E1AE1CAB}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5810367F-CB89-1257-0283-EC37270741E7}" = CCC Help Russian
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5A4C0B1D-2379-AAE0-4907-56E83D6D8A8C}" = CCC Help Italian
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{650CF18F-629C-3CF1-307D-5C93321B41CD}" = Catalyst Control Center Graphics Full New
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69131367-6458-6271-8277-25E408572433}" = CCC Help German
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{72A6B2E5-3286-4D77-8AAC-A4BE2A8FCB90}" = CCC Help Finnish
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{80AAD9DF-7E64-40D2-80D2-BECA41593EEB}" = AMT Media Manager
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{87A29380-9FFF-6D32-BBF1-61569DFD5BEA}" = CCC Help Portuguese
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{8D047BB8-0D97-4163-27CE-351BDF225D00}" = Catalyst Control Center Localization All
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F862B8C-D3F7-74F5-6C08-F0F70F744FF7}" = CCC Help Japanese
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A0F4F993-C4A7-F093-CF8D-5F03B39252F2}" = CCC Help Thai
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A477F82B-F291-5BB0-74FF-6654A27B311A}" = CCC Help Dutch
"{A4EFAC49-5605-E9FA-5C1B-75D8AACF6139}" = Catalyst Control Center Graphics Light
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AA668097-C081-B41E-DEDA-83BB12B7E85F}" = CCC Help Korean
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B2F0AAB1-8C1C-1EFE-6594-417BBB023D6B}" = CCC Help Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C0618520-5C63-1583-B78A-CEE1139EF1E6}" = CCC Help Polish
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C84E8865-5E2B-5A46-99F2-B8A35917B8BF}" = Catalyst Control Center Graphics Previews Common
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D36B6249-71E7-9E85-A9D6-E2239783301E}" = CCC Help Norwegian
"{D3AA158A-9421-4883-8767-E771B0964A1D}" = ImageMixer VCD for FinePix
"{D5DC1775-F67A-6399-BE1D-960FC2254F91}" = CCC Help Chinese Standard
"{D604D3C7-337D-FE67-09DE-A641D3B4D886}" = CCC Help Danish
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD
"{DD23714B-A2C6-A6D2-9309-75AFAFF1F8E6}" = CCC Help English
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7D5D189-E71D-EA01-419F-699F57B1ED65}" = Catalyst Control Center Graphics Previews Vista
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F2894826-BF35-CE79-5EA6-7BAD1DF6F8BF}" = CCC Help Greek
"{F392063E-8736-7812-47E7-7598F0B56D9D}" = CCC Help Swedish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF4EB4E5-55BB-D9AF-B5A2-3D6F359E7472}" = CCC Help Chinese Traditional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Canon MP280 series Benutzerregistrierung" = Canon MP280 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOM Player" = GOM Player
"GOM Video Converter" = GOM Video Converter
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"iLivid" = iLivid
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"Intelli-studio" = SAMSUNG Intelli-studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MarketingTools" = VAIO Marketing Tools
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Product_Name" = ÇáÞÇãæÓ ÇáÊÌÇÑì
"QuickTime" = QuickTime
"RealAlt_is1" = Real Alternative 1.8.2
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Shockwave" = Shockwave
"splashtop" = VAIO Quick Web Access
"UlexOEM" = Bertelsmann Universallexikon 2001 OEM
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mikogo 4" = Mikogo 4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03/07/2012 08:51:40 | Computer Name = Alsenbesy-VAIO | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 03/07/2012 08:52:12 | Computer Name = Alsenbesy-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000022  Fehleroffset: 0x00000000000cd7d8
ID
 des fehlerhaften Prozesses: 0xfc0  Startzeit der fehlerhaften Anwendung: 0x01cd591a97be90cf
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: e7b50792-c50d-11e1-9a7e-f07bcbcd36bb
 
Error - 03/07/2012 08:52:14 | Computer Name = Alsenbesy-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc000041d  Fehleroffset: 0x00000000000cd7d8
ID
 des fehlerhaften Prozesses: 0xfc0  Startzeit der fehlerhaften Anwendung: 0x01cd591a97be90cf
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: e976eba5-c50d-11e1-9a7e-f07bcbcd36bb
 
Error - 03/07/2012 09:33:34 | Computer Name = Alsenbesy-VAIO | Source = Application Hang | ID = 1002
Description = Programm chrome.exe, Version 20.0.1132.47 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b04    Startzeit: 
01cd59204e6ccf3b    Endzeit: 47    Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID:
 aa4deb1a-c513-11e1-9a7e-f07bcbcd36bb  
 
Error - 03/07/2012 15:12:45 | Computer Name = Alsenbesy-VAIO | Source = Google Update | ID = 20
Description = 
 
Error - 03/07/2012 17:00:46 | Computer Name = Alsenbesy-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 03/07/2012 17:00:46 | Computer Name = Alsenbesy-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 03/07/2012 17:00:50 | Computer Name = Alsenbesy-VAIO | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 03/07/2012 17:01:00 | Computer Name = Alsenbesy-VAIO | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 03/07/2012 17:59:09 | Computer Name = Alsenbesy-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mikogo-viewer.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4fd1f2c5  Name des fehlerhaften Moduls: mikogo-viewer.exe, Version:
 0.0.0.0, Zeitstempel: 0x4fd1f2c5  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001a4681
ID
 des fehlerhaften Prozesses: 0x1144  Startzeit der fehlerhaften Anwendung: 0x01cd5965cf489985
Pfad
 der fehlerhaften Anwendung: C:\Users\Alsenbesy\Downloads\mikogo-viewer.exe  Pfad 
des fehlerhaften Moduls: C:\Users\Alsenbesy\Downloads\mikogo-viewer.exe  Berichtskennung:
 5034d2dc-c55a-11e1-ba86-f07bcbcd36bb
 
[ Media Center Events ]
Error - 11/05/2012 14:37:06 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 20:37:01 - Fehler beim Herstellen der Internetverbindung.  20:37:01 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14/05/2012 11:37:38 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 17:37:38 - Fehler beim Herstellen der Internetverbindung.  17:37:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14/05/2012 11:37:49 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 17:37:44 - Fehler beim Herstellen der Internetverbindung.  17:37:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14/05/2012 12:37:54 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 18:37:54 - Fehler beim Herstellen der Internetverbindung.  18:37:54 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14/05/2012 12:38:00 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 18:37:59 - Fehler beim Herstellen der Internetverbindung.  18:37:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16/05/2012 08:43:21 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 14:43:13 - Fehler beim Herstellen der Internetverbindung.  14:43:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16/05/2012 19:19:12 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 01:19:12 - Fehler beim Herstellen der Internetverbindung.  01:19:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16/05/2012 19:19:25 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 01:19:17 - Fehler beim Herstellen der Internetverbindung.  01:19:17 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19/05/2012 14:15:10 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 20:15:10 - Fehler beim Herstellen der Internetverbindung.  20:15:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19/05/2012 14:15:21 | Computer Name = Alsenbesy-VAIO | Source = MCUpdate | ID = 0
Description = 20:15:15 - Fehler beim Herstellen der Internetverbindung.  20:15:15 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 11/12/2011 18:54:10 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 11/12/2011 18:54:37 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 11/12/2011 19:11:30 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 11/12/2011 19:21:00 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/12/2011 15:57:56 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/12/2011 15:58:08 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/12/2011 15:58:33 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/12/2011 15:58:59 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/12/2011 15:59:42 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18/05/2012 16:04:17 | Computer Name = Alsenbesy-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session 
lasted 30627 seconds with 180 seconds of active time.  This session ended with a
 crash.
 
[ System Events ]
Error - 03/07/2012 05:40:47 | Computer Name = Alsenbesy-VAIO | Source = Application Popup | ID = 262200
Description = Treiber RISD hat eine ungültige ID für das untergeordnete Gerät (0001)
 zurückgegeben.
 
Error - 03/07/2012 05:40:59 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 03/07/2012 05:41:04 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde mit folgendem
 Fehler beendet:   %%-2147195126
 
Error - 03/07/2012 08:51:11 | Computer Name = Alsenbesy-VAIO | Source = Application Popup | ID = 262200
Description = Treiber RISD hat eine ungültige ID für das untergeordnete Gerät (0001)
 zurückgegeben.
 
Error - 03/07/2012 08:51:22 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 03/07/2012 08:51:27 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde mit folgendem
 Fehler beendet:   %%-2147195126
 
Error - 03/07/2012 17:00:34 | Computer Name = Alsenbesy-VAIO | Source = Application Popup | ID = 262200
Description = Treiber RISD hat eine ungültige ID für das untergeordnete Gerät (0001)
 zurückgegeben.
 
Error - 03/07/2012 17:00:44 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 03/07/2012 17:00:49 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde mit folgendem
 Fehler beendet:   %%-2147195126
 
Error - 03/07/2012 17:35:56 | Computer Name = Alsenbesy-VAIO | Source = Service Control Manager | ID = 7030
Description = Der Dienst "M4-Service" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
 
< End of report >
--- --- ---
DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll
Geladene DLL: C:\Windows\System32\wkssvc.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.

MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A

Alles OK, der Rechner ist nicht vom Lanmanworkstation Trojaner befallen!
__________________
Alt 04.07.2012, 13:58   #4
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

das gibt Mengenrabatt ;o)...

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
[2012/07/03 21:17:48 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2363.exe
[2012/07/03 14:53:42 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7D7A.exe
[2012/07/03 14:53:36 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6410.exe
[2012/07/03 11:59:36 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\68F1.exe
[2012/07/03 11:59:28 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4AC6.exe
[2012/07/03 11:59:19 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2635.exe
[2012/07/02 21:44:12 | 000,049,664 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\36EA.exe
[2012/07/02 21:44:00 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9B1.exe
[2012/07/02 00:23:54 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3C6B.exe
[2012/07/02 00:23:17 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AA59.exe
[2012/07/02 00:23:04 | 000,028,616 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7802.exe
[2012/07/01 21:54:55 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D51B.exe
[2012/07/01 08:46:26 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6C14.exe
[2012/07/01 08:46:10 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2A81.exe
[2012/07/01 08:45:52 | 000,012,264 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E621.exe
[2012/07/01 08:39:36 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2725.exe
[2012/07/01 08:38:56 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8C5B.exe
[2012/07/01 07:49:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\565B.exe
[2012/07/01 07:49:14 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B08.exe
[2012/06/30 20:30:04 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CFCD.exe
[2012/06/29 21:14:40 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\525F.exe
[2012/06/29 21:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5B7.exe
[2012/06/29 20:59:06 | 000,045,056 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1454.exe
[2012/06/29 20:58:50 | 000,028,616 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D550.exe
[2012/06/29 20:57:57 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\812.exe
[2012/06/29 19:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\15F4.exe
[2012/06/29 19:12:57 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5CF.exe
[2012/06/29 19:11:53 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\EA7F.exe
[2012/06/29 19:08:01 | 000,012,264 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6103.exe
[2012/06/28 02:58:39 | 000,044,968 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C90F.exe
[2012/06/28 00:08:09 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AE2B.exe
[2012/06/28 00:07:44 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4EFA.exe
[2012/06/27 01:26:14 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F1C7.exe
[2012/06/27 01:26:02 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C00C.exe
[2012/06/27 01:25:39 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6648.exe
[2012/06/27 00:47:51 | 000,008,176 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CA33.exe
[2012/06/27 00:45:10 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\562A.exe
[2012/06/09 13:13:32 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6CB7.exe
[2012/06/09 01:39:24 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9020.exe
[2012/06/09 00:23:56 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\7003.exe
[2012/06/08 23:20:12 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\88D0.exe
[2012/06/08 22:21:32 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C055.exe
[2012/06/08 21:48:44 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B665.exe
[2012/06/08 19:22:45 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\37F2.exe
[2012/06/08 16:39:14 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8536.exe
[2012/06/08 12:07:40 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8E7.exe
[2012/06/08 12:07:34 | 000,113,792 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F362.exe
[2012/06/08 01:46:56 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6A19.exe
[2012/06/07 20:32:38 | 000,126,976 | -H-- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe
[2012/06/07 20:31:23 | 000,113,792 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E009.exe
[2012/06/15 14:53:59 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1357.exe
[2012/06/15 14:53:55 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2E1.exe
[2012/06/15 13:41:01 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4672.exe
[2012/06/15 13:40:59 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3D1E.exe
[2012/06/14 21:27:53 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D264.exe
[2012/06/14 21:27:48 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\BFDC.exe
[2012/06/14 17:51:30 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B6F0.exe
[2012/06/14 17:51:26 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AA81.exe
[2012/06/13 01:59:47 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\29E2.exe
[2012/06/13 01:59:43 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\1798.exe
[2012/06/13 01:30:25 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\46A2.exe
[2012/06/13 01:30:18 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2961.exe
[2012/06/12 03:04:55 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\CA61.exe
[2012/06/12 03:04:53 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C17B.exe
[2012/06/11 23:14:30 | 000,040,960 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\118E.exe
[2012/06/11 23:14:23 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F804.exe
[2012/06/26 00:38:11 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B0F1.exe
[2012/06/26 00:37:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\19A1.exe
[2012/06/25 22:51:12 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\5BE9.exe
[2012/06/25 21:53:42 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B941.exe
[2012/06/25 01:35:17 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8D46.exe
[2012/06/25 01:34:50 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\22FE.exe
[2012/06/25 01:24:31 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\AF92.exe
[2012/06/25 01:24:06 | 000,044,968 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\5003.exe
[2012/06/24 00:26:01 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C765.exe
[2012/06/24 00:25:50 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9A0D.exe
[2012/06/24 00:16:54 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\6D32.exe
[2012/06/24 00:16:07 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B70C.exe
[2012/06/24 00:07:33 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DF62.exe
[2012/06/24 00:07:22 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\B2C5.exe
[2012/06/23 23:54:55 | 000,032,704 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4E66.exe
[2012/06/23 23:54:07 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9044.exe
[2012/06/23 23:36:17 | 000,057,232 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\3EB8.exe
[2012/06/20 12:54:25 | 000,016,352 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\85C6.exe
[2012/06/20 12:14:44 | 000,024,528 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2F4A.exe
[2012/06/20 12:12:33 | 000,098,952 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2F59.exe
[2012/06/19 01:12:18 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\FB84.exe
[2012/06/19 00:38:56 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\70DC.exe
[2012/06/18 00:44:52 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\347D.exe
[2012/06/18 00:44:44 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\129A.exe
[2012/06/17 23:50:07 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F825.exe
[2012/06/17 23:50:02 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\E5FB.exe
[2012/06/17 23:49:59 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DC3A.exe
[2012/06/16 21:54:38 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\A39A.exe
[2012/06/16 21:54:36 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\9B50.exe
[2012/06/16 21:54:33 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\8E92.exe
[2012/06/16 21:50:30 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\D947.exe
[2012/06/16 21:50:25 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C70E.exe
[2012/06/16 21:48:42 | 000,000,193 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\34EB.exe
[2012/06/16 21:06:11 | 000,000,180 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\4906.exe
[2012/06/16 21:06:09 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\41F3.exe
[2012/06/16 21:06:04 | 000,000,298 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\2BA4.exe
[2012/06/16 20:58:11 | 000,044,032 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\F46E.exe
[2012/06/16 20:58:05 | 000,048,640 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\DE8C.exe
[2012/06/16 20:57:59 | 000,099,984 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\C7A2.exe
O4 - HKCU..\Run: [Kxygyq] C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe ()
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

:Commands
[emptytemp]
[Reboot]
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

Danach MAM updaten und Fullscan, Log posten!

Combofix
Lade Combo Fix von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichert es auf den Desktop.

Achtung: In einigen wenigen Fällen kann es vorkommen, das der Rechner nicht mehr booten kann und Neuaufgesetzt werden muß!

Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter.

Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen
Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird.
Nach Scanende wird ein Report (ComboFix.txt) angezeigt, den bitte kopieren und in deinem Thread einfuegen. Das Log solltest Du unter C:\ComboFix.txt finden...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 10.07.2012, 12:51   #5
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hallo,
danke für Hilfe. was ist ein MAM update??
liebe Grüsse



All processes killed
========== OTL ==========
C:\Users\Alsenbesy\AppData\Roaming\2363.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\7D7A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6410.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\68F1.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\4AC6.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2635.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\36EA.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\9B1.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\3C6B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\AA59.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\7802.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\D51B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6C14.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2A81.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\E621.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2725.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\8C5B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\565B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B08.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\CFCD.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\525F.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\E5B7.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\1454.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\D550.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\812.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\15F4.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\E5CF.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\EA7F.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6103.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C90F.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\AE2B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\4EFA.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\F1C7.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C00C.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6648.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\CA33.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\562A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6CB7.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\9020.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\7003.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\88D0.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C055.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B665.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\37F2.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\8536.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\8E7.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\F362.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6A19.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\E009.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\1357.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2E1.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\4672.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\3D1E.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\D264.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\BFDC.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B6F0.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\AA81.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\29E2.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\1798.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\46A2.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2961.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\CA61.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C17B.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\118E.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\F804.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B0F1.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\19A1.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\5BE9.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B941.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\8D46.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\22FE.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\AF92.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\5003.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C765.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\9A0D.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\6D32.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B70C.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\DF62.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\B2C5.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\4E66.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\9044.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\3EB8.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\85C6.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2F4A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2F59.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\FB84.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\70DC.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\347D.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\129A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\F825.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\E5FB.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\DC3A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\A39A.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\9B50.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\8E92.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\D947.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C70E.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\34EB.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\4906.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\41F3.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\2BA4.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\F46E.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\DE8C.exe moved successfully.
C:\Users\Alsenbesy\AppData\Roaming\C7A2.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Kxygyq deleted successfully.
File C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Alsenbesy
->Temp folder emptied: 1729940 bytes
->Temporary Internet Files folder emptied: 3400064 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42793295 bytes
->Google Chrome cache emptied: 59538542 bytes
->Flash cache emptied: 851 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33227 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 438816 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5728 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 211805 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 761 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 684178 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 769 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 104.00 mb


OTL by OldTimer - Version 3.2.53.1 log created on 07042012_152534

Files\Folders moved on Reboot...
C:\Users\Alsenbesy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF0443A4691C807A9D.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF1F511BB91E279BF5.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF31C69DB2002A6590.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF43D7BB4C369E16B3.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF4E638FB92AFD54BA.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DF97E83AD9E44FEE73.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFAD2423D7BF2661CF.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFAD963EA266E94AB8.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFB947639A76E39546.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFBB5EB3DEC4B301BA.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFEE2AE0263CE1FC29.TMP not found!
File\Folder C:\Users\Alsenbesy\AppData\Local\Temp\~DFF932EBE8A05D7B8E.TMP not found!

PendingFileRenameOperations files...
File C:\Users\Alsenbesy\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF0443A4691C807A9D.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF1F511BB91E279BF5.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF31C69DB2002A6590.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF43D7BB4C369E16B3.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF4E638FB92AFD54BA.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DF97E83AD9E44FEE73.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFAD2423D7BF2661CF.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFAD963EA266E94AB8.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFB947639A76E39546.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFBB5EB3DEC4B301BA.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFEE2AE0263CE1FC29.TMP not found!
File C:\Users\Alsenbesy\AppData\Local\Temp\~DFF932EBE8A05D7B8E.TMP not found!

Registry entries deleted on Reboot...


Alt 10.07.2012, 16:46   #6
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

bitte noch das Log von comboFix posten...

chris
__________________
--> Dringend 80 Viren

Alt 10.07.2012, 21:44   #7
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Combofix Logfile:
Code:
ATTFilter
ComboFix 12-07-04.04 - Alsenbesy 04/07/2012  22:26:04.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3950.2181 [GMT 2:00]
ausgeführt von:: c:\users\Alsenbesy\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alsenbesy\4.0
c:\users\Alsenbesy\Documents\~WRL0003.tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\FF05DA0D.dll
c:\windows\SysWow64\SystemFiles
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-04 bis 2012-07-04  ))))))))))))))))))))))))))))))
.
.
2012-07-04 20:34 . 2012-07-04 20:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-04 20:33 . 2012-07-04 20:33	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{05595C7F-530A-4EF4-A31F-D3696EEA0253}\offreg.dll
2012-07-04 13:25 . 2012-07-04 13:25	--------	d-----w-	C:\_OTL
2012-07-03 21:50 . 2012-07-03 21:50	--------	d-----w-	c:\users\Alsenbesy\AppData\Local\Mikogo4
2012-07-03 21:35 . 2012-07-03 21:41	--------	d-----w-	c:\users\Alsenbesy\AppData\Roaming\Mikogo 4
2012-07-03 20:42 . 2012-07-03 20:42	--------	d-----w-	c:\users\Alsenbesy\AppData\Roaming\Malwarebytes
2012-07-03 20:42 . 2012-07-03 20:42	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-03 20:42 . 2012-07-03 20:49	--------	d-----w-	c:\windows\Malwarebytes' Anti-Malware
2012-07-03 20:42 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-03 19:24 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{05595C7F-530A-4EF4-A31F-D3696EEA0253}\mpengine.dll
2012-06-29 18:32 . 2012-07-03 21:02	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-06-29 18:32 . 2012-06-29 18:33	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2012-06-26 19:40 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-26 19:40 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-26 19:40 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-26 19:40 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-26 19:40 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-26 19:40 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-26 19:40 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-26 19:39 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-26 19:39 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-24 12:27 . 2012-06-24 12:27	537432	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a901545a1cd520429\DXSETUP.exe
2012-06-24 12:27 . 2012-06-24 12:27	1801048	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a901545a1cd520429\dsetup32.dll
2012-06-24 12:27 . 2012-06-24 12:27	89944	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a901545a1cd520429\DSETUP.dll
2012-06-24 12:27 . 2012-06-24 12:27	94040	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a5da660a1cd520428\DSETUP.dll
2012-06-24 12:27 . 2012-06-24 12:27	525656	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a5da660a1cd520428\DXSETUP.exe
2012-06-24 12:27 . 2012-06-24 12:27	1691480	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\a5da660a1cd520428\dsetup32.dll
2012-06-24 12:24 . 2012-06-24 12:24	--------	d-----w-	c:\users\Alsenbesy\AppData\Local\Windows Live
2012-06-14 07:14 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-14 07:14 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-19 19:16 . 2010-10-01 21:55	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-05-19 19:15 . 2010-10-01 21:54	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-05-17 00:20 . 2010-10-03 17:06	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-05-17 00:19 . 2010-10-03 17:05	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-05-15 10:54 . 2010-10-01 21:54	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-11 19:37 . 2010-10-03 17:05	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"Facebook Update"="c:\users\Alsenbesy\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-21 137536]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-13 98304]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-02-23 26624]
"REGSHAVE"="c:\program files (x86)\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"AMTDeviceService"="c:\program files (x86)\AMT Media Manager\AMTDeviceService.exe" [2009-01-21 184320]
"NeroCheck"="c:\windows\SysWOW64\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-10-15 99624]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 133104]
R2 M4-Service;M4-Service;c:\users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Service.exe [2012-01-16 1007472]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R3 gtstusbser_64;Option210 USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\gtstusbser_64.sys [2008-11-18 118016]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 133104]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-13 151936]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-21 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-27 202752]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsne64.sys [2009-09-15 75776]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000Core.job
- c:\users\Alsenbesy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 00:35]
.
2012-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000UA.job
- c:\users\Alsenbesy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 00:35]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 08:03]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 08:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Kxygyq - c:\users\Alsenbesy\AppData\Roaming\Kxygyq.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-UlexOEM - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-04  22:37:45
ComboFix-quarantined-files.txt  2012-07-04 20:37
.
Vor Suchlauf: 20 Verzeichnis(se), 425,304,604,672 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 424,931,852,288 Bytes frei
.
- - End Of File - - 58AB3575E8088859B9FB5BC6180288F2
--- --- ---
Alt 12.07.2012, 06:56   #8
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

soweit so gut, Du hast eine Toolbar (oder sowas ähnliches) auf dem Rechner:
Code:
ATTFilter
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
Soll die weg?

MAM update-> Antimalwarebytes updaten und noch mal Fullscann, dann:

Superantispyware (SASW):
http://www.trojaner-board.de/51871-a...tispyware.html

Poste auch noch ein neues OTL-ScanLog...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 16.07.2012, 20:00   #9
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hallo
was ist bitte MAM update? wie kann ich das durchführen?
Danke

Alt 17.07.2012, 06:39   #10
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

Antimalwarebytes starten -> Reiter "Aktualisierung"-> "Suche nach Aktualisierung", dann Fullscan durchführen, Log posten...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 17.07.2012, 18:35   #11
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.07.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Alsenbesy :: ALSENBESY-VAIO [Administrator]

17/07/2012 13:28:24
mbam-log-2012-07-17 (13-28-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 365080
Laufzeit: 5 Stunde(n), 54 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 07/17/2012 at 11:09 PM

Application Version : 5.5.1006

Core Rules Database Version : 8914
Trace Rules Database Version: 6726

Scan type : Complete Scan
Total Scan Time : 01:11:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 602
Memory threats detected : 0
Registry items scanned : 67748
Registry threats detected : 0
File items scanned : 53579
File threats detected : 163

Adware.Tracking Cookie
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\0EQ2RJ1Y.txt [ /c.atdmt.com ]
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\2TJL67NE.txt [ /atdmt.com ]
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\FHWAOQHE.txt [ /atdmt.combing.com ]
C:\USERS\ALSENBESY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1OHV8425.txt [ Cookie:alsenbesy@msnportal.112.2o7.net/ ]
C:\USERS\ALSENBESY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6F0ZAYDR.txt [ Cookie:alsenbesy@atdmt.com/ ]
C:\USERS\ALSENBESY\Cookies\2TJL67NE.txt [ Cookie:alsenbesy@atdmt.com/ ]
C:\USERS\ALSENBESY\Cookies\FHWAOQHE.txt [ Cookie:alsenbesy@atdmt.combing.com/ ]
.doubleclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.sim-technik.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
counters.gigya.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
viewad.exchangecash.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
viewad.exchangecash.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.mtvnservices.com [ C:\USERS\ALSENBESY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VJHMD77K ]
secure-us.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VJHMD77K ]

Trojan.Agent/Gen-Zusy
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\4672.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\118E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\1357.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\29E2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\46A2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6CB7.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\AA81.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\CA61.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\D264.EXE

Trojan.Agent/Gen
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\129A.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2961.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2E1.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\37F2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\3D1E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\41F3.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6A19.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\7003.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\70DC.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8536.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\88D0.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8E7.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9020.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9B50.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\A39A.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B665.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B6F0.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\BFDC.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C055.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C17B.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C70E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C7A2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\DE8C.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\E009.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\E5FB.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F362.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F804.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\FB84.EXE

Trojan.Agent/Gen-Dropper
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\22FE.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2F59.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\3EB8.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\5003.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\5BE9.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6D32.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\85C6.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9044.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9A0D.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B2C5.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B941.EXE

Trojan.Agent/Gen-Lethic
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\347D.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8E92.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\D947.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F46E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F825.EXE

Trojan.Agent/Gen-Pushbot
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\36EA.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\68F1.EXE

Trojan.Agent/Gen-Kazy
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\4AC6.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9B1.EXE

Trojan.Agent/Gen-Jorik
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\KXYGYQ.EXE

Alt 18.07.2012, 06:40   #12
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

alle Funde von SUPERAntiSpyware löschen lassen, erstelle und poste ein neues OTL-Log...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 18.07.2012, 12:17   #13
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/17/2012 at 11:09 PM

Application Version : 5.5.1006

Core Rules Database Version : 8914
Trace Rules Database Version: 6726

Scan type : Complete Scan
Total Scan Time : 01:11:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 602
Memory threats detected : 0
Registry items scanned : 67748
Registry threats detected : 0
File items scanned : 53579
File threats detected : 163

Adware.Tracking Cookie
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\0EQ2RJ1Y.txt [ /c.atdmt.com ]
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\2TJL67NE.txt [ /atdmt.com ]
C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Cookies\FHWAOQHE.txt [ /atdmt.combing.com ]
C:\USERS\ALSENBESY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1OHV8425.txt [ Cookie:alsenbesy@msnportal.112.2o7.net/ ]
C:\USERS\ALSENBESY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6F0ZAYDR.txt [ Cookie:alsenbesy@atdmt.com/ ]
C:\USERS\ALSENBESY\Cookies\2TJL67NE.txt [ Cookie:alsenbesy@atdmt.com/ ]
C:\USERS\ALSENBESY\Cookies\FHWAOQHE.txt [ Cookie:alsenbesy@atdmt.combing.com/ ]
.doubleclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.sim-technik.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
counters.gigya.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
viewad.exchangecash.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
viewad.exchangecash.de [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ALSENBESY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.mtvnservices.com [ C:\USERS\ALSENBESY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VJHMD77K ]
secure-us.imrworldwide.com [ C:\USERS\ALSENBESY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VJHMD77K ]

Trojan.Agent/Gen-Zusy
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\4672.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\118E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\1357.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\29E2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\46A2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6CB7.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\AA81.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\CA61.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\D264.EXE

Trojan.Agent/Gen
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\129A.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2961.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2E1.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\37F2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\3D1E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\41F3.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6A19.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\7003.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\70DC.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8536.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\88D0.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8E7.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9020.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9B50.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\A39A.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B665.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B6F0.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\BFDC.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C055.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C17B.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C70E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\C7A2.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\DE8C.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\E009.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\E5FB.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F362.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F804.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\FB84.EXE

Trojan.Agent/Gen-Dropper
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\22FE.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\2F59.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\3EB8.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\5003.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\5BE9.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\6D32.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\85C6.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9044.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9A0D.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B2C5.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\B941.EXE

Trojan.Agent/Gen-Lethic
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\347D.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\8E92.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\D947.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F46E.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\F825.EXE

Trojan.Agent/Gen-Pushbot
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\36EA.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\68F1.EXE

Trojan.Agent/Gen-Kazy
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\4AC6.EXE
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\9B1.EXE

Trojan.Agent/Gen-Jorik
C:\_OTL\MOVEDFILES\07042012_152534\C_USERS\ALSENBESY\APPDATA\ROAMING\KXYGYQ.EXE

Alt 18.07.2012, 12:54   #14
Chris4You
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hi,

sieht irgendwie nicht wie ein neues OTL-Log aus, eher wie das SASW-Log von vorhin ;o)...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 20.07.2012, 08:57   #15
rakam119
 
Dringend 80 Viren - Standard

Dringend 80 Viren


Hallo,OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 20/07/2012 03:02:10 - Run 3
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Alsenbesy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001809 | Country: Irland | Language: ENI | Date Format: dd/MM/yyyy
 
3.86 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 53.41% Memory free
7.71 Gb Paging File | 5.28 Gb Available in Paging File | 68.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.14 Gb Total Space | 398.71 Gb Free Space | 87.60% Space Free | Partition Type: NTFS
Drive H: | 38.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: ALSENBESY-VAIO | User Name: Alsenbesy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Alsenbesy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Capture.exe ()
PRC - C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Service.exe ()
PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll ()
MOD - C:\PROGRA~2\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (M4-Service) -- C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4\M4-Service.exe ()
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (gtstusbser_64) -- C:\Windows\SysNative\drivers\gtstusbser_64.sys (Option N.V.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (gtstusbser_64) -- C:\Windows\SysWOW64\drivers\gtstusbser_64.sys (Option N.V.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 C7 08 54 D4 0C CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{2718B482-2833-49AE-B551-6B2CB6D732E3}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\..\SearchScopes\{2B78B840-DEEA-48AF-AE01-BE502EDACA3D}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKCU\..\SearchScopes\{39376645-4655-458A-A678-92206D85EE10}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{3FA07013-7A05-4BE3-A3D2-44230EF23A83}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_de___DE397
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={AD25DDA7-E076-4A76-BEF6-DB1FCA8A676F}&mid=e4648ee3536c47d1995a21328d29df48-6b9b6ec1e489b3c345477ad329072f58cb7fbb7a&lang=en&ds=AVG&pr=pr&d=2012-02-22 15:04:05&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Alsenbesy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
 
[2011/09/29 22:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alsenbesy\AppData\Roaming\mozilla\Extensions
[2012/02/22 15:04:01 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Alsenbesy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Alsenbesy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Alsenbesy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
 
O1 HOSTS File: ([2012/07/04 22:34:02 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMTDeviceService] C:\Program Files (x86)\AMT Media Manager\AMTDeviceService.exe ()
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Alsenbesy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Kxygyq] C:\Users\Alsenbesy\AppData\Roaming\Kxygyq.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/07/17 21:54:43 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/17 21:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/07/17 21:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/17 21:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/11 21:03:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 21:03:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/11 21:03:22 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 21:03:20 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/11 21:03:19 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/04 23:49:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/04 22:37:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/04 22:24:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/04 22:24:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/04 22:24:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/04 22:23:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/04 22:23:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/04 15:25:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/03 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\Documents\Mikogo4
[2012/07/03 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\Mikogo4
[2012/07/03 23:35:43 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mikogo 4
[2012/07/03 23:35:38 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Mikogo 4
[2012/07/03 22:42:59 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Roaming\Malwarebytes
[2012/07/03 22:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/03 22:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/03 22:42:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/03 22:42:10 | 000,000,000 | ---D | C] -- C:\Windows\Malwarebytes' Anti-Malware
[2012/06/29 20:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/06/29 20:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/06/29 20:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/06/26 21:40:19 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/26 21:40:19 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/26 21:40:19 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/26 21:40:08 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/26 21:40:08 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/26 21:40:07 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/26 21:39:58 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/26 21:39:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/24 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\Windows Live
[2012/06/24 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\Alsenbesy\AppData\Local\{9B9CDE75-F4BD-4A8F-8DB6-778AB17F5E08}
[12 C:\Users\Alsenbesy\Desktop\*.tmp files -> C:\Users\Alsenbesy\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/20 09:47:49 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/20 09:47:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/20 09:46:24 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000UA.job
[2012/07/20 03:06:35 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/20 03:06:35 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/20 03:01:13 | 001,569,702 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/20 03:01:13 | 000,684,372 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/07/20 03:01:13 | 000,633,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/20 03:01:13 | 000,142,150 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/07/20 03:01:13 | 000,116,736 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/20 02:56:07 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/20 02:55:15 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/19 20:05:06 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3878420749-3662022685-3788773000-1000Core.job
[2012/07/17 21:54:40 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/17 13:25:20 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/16 22:52:35 | 000,004,222 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\20452_1243355999133_624243_n.jpg
[2012/07/16 02:03:35 | 000,012,067 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\534545_391137150951110_1905478023_n.jpg
[2012/07/16 02:02:44 | 000,014,245 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\165811_413173028728915_1866485103_n.jpg
[2012/07/16 01:54:35 | 000,022,551 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\388982_443308129052390_1059556981_n.jpg
[2012/07/13 00:32:53 | 000,454,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/05 00:04:33 | 000,036,390 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\Pancreas_07.jpg
[2012/07/05 00:01:50 | 000,003,605 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\images.jpg
[2012/07/04 22:34:02 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/04 14:53:27 | 000,016,624 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\BlackLifestyleLeather_large.jpg
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/29 20:50:55 | 000,001,409 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\Spybot - Search & Destroy.lnk
[2012/06/28 03:19:09 | 000,010,752 | ---- | M] () -- C:\Users\Alsenbesy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/28 02:49:08 | 000,012,135 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\SevereUlcerative_Colitis12.jpg
[2012/06/28 02:48:25 | 000,007,604 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\100802173715.jpg
[2012/06/28 02:46:36 | 000,026,264 | ---- | M] () -- C:\Users\Alsenbesy\Desktop\150px-cd_colitis_2.jpg
[12 C:\Users\Alsenbesy\Desktop\*.tmp files -> C:\Users\Alsenbesy\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/17 21:54:40 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/16 22:52:41 | 000,004,222 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\20452_1243355999133_624243_n.jpg
[2012/07/16 02:03:40 | 000,012,067 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\534545_391137150951110_1905478023_n.jpg
[2012/07/16 02:02:49 | 000,014,245 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\165811_413173028728915_1866485103_n.jpg
[2012/07/16 01:54:42 | 000,022,551 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\388982_443308129052390_1059556981_n.jpg
[2012/07/05 00:04:39 | 000,036,390 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\Pancreas_07.jpg
[2012/07/05 00:01:56 | 000,003,605 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\images.jpg
[2012/07/04 22:24:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/04 22:24:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/04 22:24:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/04 22:24:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/04 22:24:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/04 14:53:39 | 000,016,624 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\BlackLifestyleLeather_large.jpg
[2012/07/03 22:42:12 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/06/29 20:33:00 | 000,001,409 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\Spybot - Search & Destroy.lnk
[2012/06/28 02:49:11 | 000,012,135 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\SevereUlcerative_Colitis12.jpg
[2012/06/28 02:48:30 | 000,007,604 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\100802173715.jpg
[2012/06/28 02:46:42 | 000,026,264 | ---- | C] () -- C:\Users\Alsenbesy\Desktop\150px-cd_colitis_2.jpg
[2012/01/25 17:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\{3FDEB50D-5F7B-4830-9C6E-E83285D50839}
[2011/03/14 21:16:55 | 000,000,132 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Roaming\wklnhst.dat
[2011/02/20 20:45:33 | 000,000,007 | ---- | C] () -- C:\Windows\SysWow64\win.dll
[2011/02/20 20:45:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\Data(8).dll
[2011/02/20 20:45:32 | 000,001,583 | ---- | C] () -- C:\Windows\SysWow64\Data(6).dll
[2011/02/20 20:45:32 | 000,001,582 | ---- | C] () -- C:\Windows\SysWow64\Data(5).dll
[2011/02/20 20:45:32 | 000,000,461 | ---- | C] () -- C:\Windows\SysWow64\Data(2).dll
[2011/02/20 20:45:32 | 000,000,061 | ---- | C] () -- C:\Windows\SysWow64\Data(1).dll
[2011/02/20 20:45:32 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\Data(9).dll
[2011/02/20 20:45:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysWow64\Data(4).dll
[2011/02/20 20:45:32 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\Data(10).dll
[2011/02/20 20:45:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Data(7).dll
[2011/01/17 21:06:20 | 000,000,097 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\fusioncache.dat
[2011/01/17 20:55:59 | 001,527,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/04 14:15:19 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/10/15 00:23:25 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010/10/15 00:13:05 | 000,010,752 | ---- | C] () -- C:\Users\Alsenbesy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/28 13:32:56 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2010/09/20 10:56:03 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010/09/16 23:33:08 | 000,001,040 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI
[2008/06/23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/05/23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== Files - Unicode (All) ==========
[2012/05/08 13:28:33 | 000,000,000 | ---D | M](C:\Users\Alsenbesy\Desktop\??? ???????) -- C:\Users\Alsenbesy\Desktop\ملف الترقية
[2012/05/08 13:13:54 | 000,000,000 | ---D | C](C:\Users\Alsenbesy\Desktop\??? ???????) -- C:\Users\Alsenbesy\Desktop\ملف الترقية
[2012/03/29 13:34:39 | 000,000,000 | ---D | M](C:\Users\Alsenbesy\Desktop\????? ???????) -- C:\Users\Alsenbesy\Desktop\دمحمد السنبسى
[2012/03/19 12:12:14 | 000,000,000 | ---D | C](C:\Users\Alsenbesy\Desktop\????? ???????) -- C:\Users\Alsenbesy\Desktop\دمحمد السنبسى
[2012/03/19 04:00:39 | 000,549,376 | ---- | C] ()(C:\Users\Alsenbesy\Documents\?????.doc) -- C:\Users\Alsenbesy\Documents\دمحمد.doc
[2012/01/24 13:44:34 | 000,549,376 | ---- | M] ()(C:\Users\Alsenbesy\Documents\?????.doc) -- C:\Users\Alsenbesy\Documents\دمحمد.doc
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
--- --- ---
Antwort
Seite 1 von 2 1 2

Themen zu Dringend 80 Viren
a.exe, administrator, autostart, b.exe, computer, dateien, desktop.ini, explorer, explorer.exe, heuristiks/extra, heuristiks/shuriken, hijack.shell, langsamer, malware.gen, malwarebytes, speicher, trojan.agent.h, trojan.btsoft.gen, trojan.downloader, trojan.fakems, trojan.jusched, trojan.spammer, worm.autorun, worm.autorun.b


« incredibar my start blockiert firefox tab | Mehrere Trojaner/Viren entfernen?, Internet funktioniert nicht »


Ähnliche Themen: Dringend 80 Viren


  1. Acer Windows 7-Rechner * Befall von Viren und Trojanern? * Antivir Rescue CD beseitigt Viren/Trojanernicht
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (15)
  2. Jeder Viren chutz erkennt bei normalen Programmen über 300 Viren auf meinem PC
    Log-Analyse und Auswertung - 01.08.2013 (9)
  3. Jeder Viren Schutz erkennt bei normalen Programmen über 300 Viren auf meinem PC
    Mülltonne - 31.07.2013 (1)
  4. These: Avira installiert eigene Viren bzw. parallel AV-Programme, die Viren enthalten ...
    Antiviren-, Firewall- und andere Schutzprogramme - 13.05.2013 (7)
  5. 74 Viren gefunden, Firewall down, 95p und Media.. Viren
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (1)
  6. Java-Viren, dringend
    Log-Analyse und Auswertung - 19.07.2010 (5)
  7. Viren befall kein viren programm geht
    Plagegeister aller Art und deren Bekämpfung - 06.01.2010 (22)
  8. Viren....Hilfe...überall Viren....
    Mülltonne - 04.11.2008 (0)
  9. POPUPS und VERSCHIEDENE VIREN VIREN UND TROJANER !
    Mülltonne - 10.10.2008 (0)
  10. infiziert mit Trojanern und Viren; brauche dringend Hilfe
    Plagegeister aller Art und deren Bekämpfung - 26.05.2008 (1)
  11. Viren!! brauch dringend hilfe
    Mülltonne - 23.01.2008 (1)
  12. Woher kommen so viele Viren ? Hilfe dringend gesucht..
    Plagegeister aller Art und deren Bekämpfung - 02.01.2008 (0)
  13. Viren bekämpfen ohne Anti Viren Programm
    Plagegeister aller Art und deren Bekämpfung - 28.11.2007 (22)
  14. Brauche dringend Hilfe!Habe mit hoher Wahrscheinlichkeit Viren eingefangen!
    Log-Analyse und Auswertung - 20.08.2007 (2)
  15. War eine ganze Weile fei von Viren aber jetzt habe ich Viren Bursters !!!
    Log-Analyse und Auswertung - 17.12.2006 (1)
  16. kaspersky findet angeblich viren ind java dateien - sind es wirklich viren ?
    Plagegeister aller Art und deren Bekämpfung - 22.08.2005 (6)
  17. Dringend!!!! Verdacht auf Viren!!!
    Log-Analyse und Auswertung - 17.09.2004 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Dringend 80 Viren - Hallo Mein Computer ist seit ein paar Tagen langsamer geworden. Ich habe Malwarebytes laufen lassen und das Programm hat 80! Viren und Trojaner gefunden. Eine Logdatei gibt es. Was ist - Dringend 80 Viren...
Archiv
Du betrachtest: Dringend 80 Viren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130