Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ukash-Trojaner auf französisch!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.09.2012, 12:51   #1
Leezchen
 
Ukash-Trojaner auf französisch! - Standard

Ukash-Trojaner auf französisch!



Halloooo,

ich habe einen Laptop mit Vista drauf und nun auch diesen Ukash-Trojaner, der mir alles in französisch anzeigt.

Ich habe die notwendiges files erstellt und hoffe dass ihr mir helfen könnt denn es wäre sehr dringend da ich grade mitten im abschluss meiner forschungsarbeit stecke....
die notwendigen daten habe ich bereits gesichert.

liebe grüße
lisa

Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.22.03

Windows Vista x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 7.0.6000.16982
Lisa :: SUNNY [Administrator]

Schutz: Deaktiviert

22.09.2012 12:10:54
mbam-log-2012-09-22 (13-06-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 377601
Laufzeit: 54 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Progressive Protection (Trojan.LameShield) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\ToolBand.XTTBPos00 (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|595D5536B32A2DA9002A595D2B075B52 (Trojan.LameShield) -> Daten: C:\ProgramData\595D5536B32A2DA9002A595D2B075B52\595D5536B32A2DA9002A595D2B075B52.exe -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 2
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-18\$4a3626ea289aa41a16b8c930aaad1b09\n.) Gut: (fastprox.dll) -> Keine Aktion durchgeführt.
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-21-1286297480-2126307865-3878806651-1000\$4a3626ea289aa41a16b8c930aaad1b09\n.) Gut: (shell32.dll) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 1
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection (Rogue.SystemProgressiveProtection) -> Keine Aktion durchgeführt.

Infizierte Dateien: 12
C:\ProgramData\595D5536B32A2DA9002A595D2B075B52\595D5536B32A2DA9002A595D2B075B52.exe (Trojan.LameShield) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-18\$4a3626ea289aa41a16b8c930aaad1b09\n (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-18\$4a3626ea289aa41a16b8c930aaad1b09\U\00000001.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-18\$4a3626ea289aa41a16b8c930aaad1b09\U\80000000.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-18\$4a3626ea289aa41a16b8c930aaad1b09\U\800000cb.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-1286297480-2126307865-3878806651-1000\$4a3626ea289aa41a16b8c930aaad1b09\n (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Fontcore\Fontcore.exe (Spyware.Zeus) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOL6KNUS\setup[1].exe (Trojan.Zbot) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\msimg32.dll (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\wpbt0.dll (Trojan.Zbot) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Desktop\System Progressive Protection.lnk (Rogue.SystemProgressiveProtection) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection\System Progressive Protection.lnk (Rogue.SystemProgressiveProtection) -> Keine Aktion durchgeführt.

(Ende)
________________________________________________________________




OTL logfile created on: 22.09.2012 13:07:46 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Lisa\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,75% Memory free
6,19 Gb Paging File | 5,21 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 175,77 Gb Total Space | 77,37 Gb Free Space | 44,02% Space Free | Partition Type: NTFS
Drive D: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,01% Space Free | Partition Type: FAT32
Drive G: | 450,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUNNY | User Name: Lisa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.09.22 12:16:31 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2012.09.10 16:58:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.09.07 17:04:44 | 000,981,656 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.07.31 17:28:16 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006.11.02 14:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.31 17:28:15 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.11.29 21:29:08 | 006,276,768 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.31 17:28:15 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.01 16:16:50 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.04 23:32:45 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2011.07.04 23:32:45 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.01 14:09:05 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.30 12:27:24 | 002,397,512 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Programme\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.10.27 02:17:00 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.10.18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007.09.20 19:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007.08.28 17:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.08.28 17:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.08.14 21:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.06.28 09:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 09:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.06.20 16:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007.06.20 16:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007.06.20 16:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007.06.20 16:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007.06.20 16:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007.06.20 16:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007.01.10 17:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 02:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006.11.02 14:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.12.01 15:27:00 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Stopped] -- C:\Windows\System32\gearsec.exe -- (gearsec)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vpnva.sys -- (vpnva)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.09.22 12:10:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.28 02:32:09 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.08.02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.07.04 23:32:46 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 23:32:46 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.22 21:01:00 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.06.22 20:38:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.06.22 20:26:04 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.06.18 17:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007.10.30 02:33:23 | 007,115,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.10.30 02:00:32 | 000,075,008 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.10.30 02:00:32 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.10.27 02:17:08 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.10.05 02:02:21 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.19 14:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.09.19 05:29:09 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.08.29 03:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.06.10 02:12:18 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.06.06 02:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.04.17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.13 20:06:36 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {54AD2F42-E765-4130-BB75-30059D868F74}
IE - HKLM\..\SearchScopes\{54AD2F42-E765-4130-BB75-30059D868F74}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=109989&babsrc=HP_ss&mntrId=2a2f2da9000000000000001f3b28a5a9
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109989&babsrc=SP_ss&mntrId=2a2f2da9000000000000001f3b28a5a9
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\SearchScopes\{54AD2F42-E765-4130-BB75-30059D868F74}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_en
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledAddons: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9
FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.5.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: toolbar@ask.com:3.15.4.100015
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100010
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.05 12:41:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.31 17:28:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.27 11:55:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.31 17:28:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.27 11:55:05 | 000,000,000 | ---D | M]

[2008.06.24 12:03:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions
[2012.09.20 13:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions
[2010.10.26 10:36:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.07.26 13:32:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.24 10:11:03 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.17 17:25:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\ffxtlbr@babylon.com
[2012.09.20 13:53:31 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\ich@maltegoetz.de
[2009.09.14 16:32:58 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\moveplayer@movenetworks.com
[2012.09.20 13:53:45 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\otyxfm3a.default\extensions\toolbar@ask.com
[2012.07.26 13:21:21 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2008.11.29 16:43:29 | 000,000,681 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\ask.xml
[2012.09.21 12:42:54 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-1.xml
[2011.09.05 13:59:36 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-10.xml
[2011.09.08 10:37:12 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-11.xml
[2011.09.29 19:40:52 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-12.xml
[2011.11.10 14:52:05 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-13.xml
[2011.11.25 00:23:48 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-14.xml
[2012.01.30 22:59:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-15.xml
[2012.02.11 00:48:45 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-16.xml
[2012.03.08 23:44:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-17.xml
[2012.03.15 13:10:00 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-18.xml
[2012.03.17 16:31:31 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-19.xml
[2010.11.02 11:28:28 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-2.xml
[2012.04.02 18:16:55 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-20.xml
[2012.06.05 11:21:26 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-21.xml
[2012.07.01 16:53:05 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-22.xml
[2012.07.01 22:47:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-23.xml
[2012.07.31 11:28:00 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-24.xml
[2012.08.01 15:56:58 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-25.xml
[2011.03.09 15:13:23 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-3.xml
[2011.03.15 19:13:20 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-4.xml
[2011.03.27 21:13:28 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-5.xml
[2011.05.03 12:38:07 | 000,000,961 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-6.xml
[2011.06.28 22:23:04 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-7.xml
[2011.07.05 00:20:45 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-8.xml
[2011.07.11 21:38:47 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin-9.xml
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\otyxfm3a.default\searchplugins\icqplugin.xml
[2012.03.15 12:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.31 17:28:16 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.17 17:22:15 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: ICQ Search ()
CHR - default_search_provider: search_url = hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000..\RunOnce: [595D5536B32A2DA9002A595D2B075B52] C:\ProgramData\595D5536B32A2DA9002A595D2B075B52\595D5536B32A2DA9002A595D2B075B52.exe ()
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fontcore.lnk = C:\Users\Lisa\AppData\Local\Fontcore\Fontcore.exe ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (JavaBeansBridge Object)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AB6A73D-12EF-4A7A-9E9F-7ED55578B29D}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A001A87-FEFE-410D-AA11-05202DFB62A5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EAC5AAE-E66E-459A-9EEB-AC7605986802}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1286297480-2126307865-3878806651-1000 Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.04.12 02:50:34 | 000,024,576 | R--- | M] () - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.07.15 14:27:56 | 000,000,027 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{08cca82e-980d-11e0-a951-8dbc19feed0d}\Shell - "" = AutoRun
O33 - MountPoints2\{08cca82e-980d-11e0-a951-8dbc19feed0d}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2005.04.12 02:50:34 | 000,024,576 | R--- | M] ()
O33 - MountPoints2\{6c12259d-8467-11e0-8f6e-c622d58d9a2c}\Shell - "" = AutoRun
O33 - MountPoints2\{6c12259d-8467-11e0-8f6e-c622d58d9a2c}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2005.04.12 02:50:34 | 000,024,576 | R--- | M] ()
O33 - MountPoints2\{71fb26a6-f62f-11df-a3b7-b687a06e610f}\Shell - "" = AutoRun
O33 - MountPoints2\{71fb26a6-f62f-11df-a3b7-b687a06e610f}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2005.04.12 02:50:34 | 000,024,576 | R--- | M] ()
O33 - MountPoints2\{8a06f765-e1ac-11df-beae-f5f873741ce9}\Shell - "" = AutoRun
O33 - MountPoints2\{8a06f765-e1ac-11df-beae-f5f873741ce9}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9be1e2bf-e068-11df-aeab-b8bc4ce9a308}\Shell - "" = AutoRun
O33 - MountPoints2\{9be1e2bf-e068-11df-aeab-b8bc4ce9a308}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9be1e2cc-e068-11df-aeab-f105d078c38b}\Shell - "" = AutoRun
O33 - MountPoints2\{9be1e2cc-e068-11df-aeab-f105d078c38b}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9be59dbe-e5d9-11df-89f5-9a052d99fbab}\Shell - "" = AutoRun
O33 - MountPoints2\{9be59dbe-e5d9-11df-89f5-9a052d99fbab}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b9a35c86-f7a9-11df-a07e-f761237d4dad}\Shell - "" = AutoRun
O33 - MountPoints2\{b9a35c86-f7a9-11df-a07e-f761237d4dad}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2005.04.12 02:50:34 | 000,024,576 | R--- | M] ()
O33 - MountPoints2\{d513707b-41bd-11dd-a7a6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d513707b-41bd-11dd-a7a6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe -- [2005.04.12 02:50:34 | 000,024,576 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.09.22 12:16:30 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.09.22 12:10:02 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.09.22 12:10:02 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2012.09.22 12:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.22 12:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.22 12:09:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.22 12:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.22 12:09:12 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Lisa\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.22 01:38:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection
[2012.09.22 01:37:37 | 000,000,000 | --SD | C] -- C:\Users\Lisa\AppData\Local\Fontcore
[2012.09.22 01:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\595D5536B32A2DA9002A595D2B075B52
[2012.09.20 17:17:32 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.09.20 17:17:32 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.09.20 17:17:13 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\TuneUp Software
[2012.09.20 17:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.09.20 17:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.09.20 17:16:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.09.20 17:16:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.09.20 13:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.09.20 13:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.20 13:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.20 13:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.20 13:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.09.12 09:20:33 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\AnnasStick
[2011.07.05 22:10:40 | 001,681,426 | ---- | C] (Frank Böpple ) -- C:\Users\Lisa\setup.exe
[2009.06.05 20:17:04 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Lisa\AppData\Roaming\pcouffin.sys
[5 C:\Users\Lisa\Documents\*.tmp files -> C:\Users\Lisa\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.22 12:37:26 | 000,008,944 | ---- | M] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2012.09.22 12:16:31 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.09.22 12:10:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.09.22 12:09:53 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 12:09:22 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lisa\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.22 11:47:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.22 11:47:07 | 000,468,292 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2012.09.22 09:47:31 | 000,194,112 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\nvModes.001
[2012.09.22 09:46:58 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 09:46:58 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 01:47:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.22 01:38:40 | 000,002,045 | ---- | M] () -- C:\Users\Lisa\Desktop\System Progressive Protection.lnk
[2012.09.21 15:38:41 | 000,237,230 | ---- | M] () -- C:\Users\Lisa\Documents\neueMaske_Lisa_Juli2012.sav
[2012.09.20 18:45:46 | 322,296,417 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.09.20 17:27:32 | 009,344,584 | ---- | M] () -- C:\Users\Lisa\Desktop\Marteria, Yasha & Miss Platnum - Lila Wolken.m4r.mp3
[2012.09.20 13:46:09 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.17 10:16:58 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.17 10:16:58 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.17 10:16:58 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.17 10:16:58 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.12 09:50:45 | 000,043,520 | ---- | M] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[5 C:\Users\Lisa\Documents\*.tmp files -> C:\Users\Lisa\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.22 12:09:53 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 01:38:40 | 000,002,045 | ---- | C] () -- C:\Users\Lisa\Desktop\System Progressive Protection.lnk
[2012.09.20 17:31:09 | 009,344,584 | ---- | C] () -- C:\Users\Lisa\Desktop\Marteria, Yasha & Miss Platnum - Lila Wolken.m4r.mp3
[2012.09.20 17:17:30 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.09.20 13:46:09 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.12 09:30:08 | 000,033,264 | ---- | C] () -- C:\Users\Lisa\Desktop\32_fZf7VxwwP0c4eav.jpg
[2012.07.26 14:05:03 | 109,426,774 | ---- | C] () -- C:\Users\Lisa\MALLORCA.cpr
[2011.11.25 23:36:18 | 000,001,122 | ---- | C] () -- C:\Users\Lisa\Bildbestellung.html
[2011.11.25 17:47:11 | 052,737,289 | ---- | C] () -- C:\Users\Lisa\basti fotobuch.cpr
[2011.11.25 13:48:58 | 049,448,513 | ---- | C] () -- C:\Users\Lisa\FOTObasti2.cpr
[2011.11.25 13:48:38 | 049,448,461 | ---- | C] () -- C:\Users\Lisa\FOTOBASTI.cpr
[2011.07.05 22:10:40 | 000,425,984 | ---- | C] () -- C:\Users\Lisa\Kalo4.mdb
[2011.07.05 22:10:40 | 000,000,187 | ---- | C] () -- C:\Users\Lisa\File_Id.diz
[2010.09.25 17:15:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010.09.25 17:15:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010.09.25 17:15:49 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2010.09.25 17:10:03 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010.09.25 17:10:03 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009.11.17 15:01:56 | 000,005,097 | ---- | C] () -- C:\ProgramData\hsqvmxbo.uxh
[2009.06.05 20:17:04 | 000,087,608 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\inst.exe
[2009.06.05 20:17:04 | 000,007,887 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\pcouffin.cat
[2009.06.05 20:17:04 | 000,001,144 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\pcouffin.inf
[2008.06.30 12:53:10 | 000,000,324 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\NMM-MetaData.db
[2008.06.24 09:43:14 | 000,043,520 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.24 09:34:43 | 000,008,944 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2008.06.24 09:34:33 | 000,194,112 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\nvModes.dat
[2008.06.24 09:34:33 | 000,194,112 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\nvModes.001

========== ZeroAccess Check ==========

[2008.01.09 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Audio Filter\Data\Image\Chainer\EffectConnect\bt_input\L
[2008.01.09 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Audio Filter\Data\Image\Chainer\EffectConnect\bt_output_Off\L
[2008.01.09 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Audio Filter\Data\Image\Chainer\EffectConnect\bt_output_On\L
[2008.01.09 18:02:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Audio Filter\Data\Image\Chainer\EffectConnect\bt_output_On_Inactive\L
[2008.01.09 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Data\Image\Chainer\EffectConnect\bt_input\L
[2008.01.09 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Data\Image\Chainer\EffectConnect\bt_output_Off\L
[2008.01.09 18:01:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Data\Image\Chainer\EffectConnect\bt_output_On\L
[2008.01.09 18:01:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony Corporation\SonicStage Mastering Studio\Data\Image\Chainer\EffectConnect\bt_output_On_Inactive\L
[2009.02.13 12:16:45 | 000,000,219 | ---- | M] () -- C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L7MJ5H94\l
[2011.05.02 22:19:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\LocalLow\Microsoft\Silverlight\is\vgnfz25o.bof\ekxivelt.icw\1\l
[2012.06.20 13:12:58 | 000,000,076 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\otyxfm3a.default\extensions\toolbar@ask.com\chrome\skin\l.png
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

========== LOP Check ==========

[2012.03.17 17:22:05 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Babylon
[2010.10.25 21:20:47 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Bytemobile
[2011.08.28 02:33:41 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DAEMON Tools Lite
[2012.09.20 17:15:30 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft
[2012.07.31 17:23:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.05.22 22:37:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2008.08.06 09:54:43 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Toolbar
[2008.06.24 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\InterVideo
[2008.10.23 17:23:10 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\KRyLack Password Decryptor
[2009.04.05 13:41:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Meebo
[2009.11.17 15:02:32 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\MOVAVI
[2008.06.30 12:53:10 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Nokia
[2009.05.04 23:57:04 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Nokia Multimedia Player
[2012.09.20 17:15:29 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenCandy
[2008.06.30 12:49:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PC Suite
[2008.12.10 13:35:36 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\studiVZ-Fotobuch
[2008.12.02 21:17:24 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TeamViewer
[2008.08.11 09:39:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Thunderbird
[2011.11.20 13:10:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TS3Client
[2012.09.20 17:17:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TuneUp Software
[2009.04.01 12:45:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\uTorrent
[2010.10.25 21:21:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Vodafone
[2010.10.25 21:30:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Vodafone Mobile Connect
[2011.03.17 15:35:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Vso

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.02.24 11:39:10 | 004,817,024 | ---- | M] ()(C:\Users\Lisa\Documents\rihanna-hard. ?.mp3) -- C:\Users\Lisa\Documents\rihanna-hard. ♥.mp3
[2010.02.24 11:39:10 | 004,817,024 | ---- | C] ()(C:\Users\Lisa\Documents\rihanna-hard. ?.mp3) -- C:\Users\Lisa\Documents\rihanna-hard. ♥.mp3

< End of report >




OTL Extras logfile created on: 22.09.2012 13:07:46 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Lisa\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,75% Memory free
6,19 Gb Paging File | 5,21 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 175,77 Gb Total Space | 77,37 Gb Free Space | 44,02% Space Free | Partition Type: NTFS
Drive D: | 3,74 Gb Total Space | 0,00 Gb Free Space | 0,01% Space Free | Partition Type: FAT32
Drive G: | 450,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUNNY | User Name: Lisa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{09EEB39E-9CDC-4376-917A-E9AF098C40DC}" = O&O Defrag Professional
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
"{27835C21-47DA-4381-898C-8767145339B3}" = MixMeister Pro 6 Demo
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{364E69C4-8E6B-4045-8822-805C4C6E8584}" = KRyLack Password Decryptor
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{4203C377-8F5B-4B3C-9096-6FC7C2CB9BC5}" = VAIO Content Metadata XML Interface Library
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{481463D7-E5D9-4331-B154-B75D6D3C15F8}" = Worms 3D Demo
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{870F1750-BA89-11DA-A94D-0800200C9A66}_is1" = VSO CopyToDVD 4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CC68433-5837-4075-B81F-EA7E4F14CE60}" = iCloud
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95B7C0F4-7434-4DFB-B900-201BFC00C00B}" = Movavi Video Editor 4
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{AA346790-8BF2-4826-9E30-18E9BB547663}" = VAIO Content Metadata Manager Setting
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5E2DF30-1061-4DB4-AF28-08996C8E5680}" = VAIO Content Metadata XML Interface Library
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help
"{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E86E5246-AA7E-11D4-88C9-00105ADBE398}" = O&O Defrag 2000 Freeware Edition
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F5397A82-641F-4643-8200-51D7F0016511}" = Click to Disc
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"ArcSoft PhotoStudio 2000" = ArcSoft PhotoStudio 2000
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"dt icon module" =
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"gtfirstboot Setting Request" =
"Half-Life" = Half-Life
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"KaloMa_is1" = KaloMa 4.72
"Longman iBT" = Longman iBT
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MarketingTools" = Vaio Marketing Tools
"McAfee Security Scan" = McAfee Security Scan Plus
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.9
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Sierra Utilities" = Sierra Utilities
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" =
"VAIO_Premiere" =
"VAIO_Standard" =
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1286297480-2126307865-3878806651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Meebo Notifier" = Meebo Notifier
"System Progressive Protection" = System Progressive Protection

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.09.2012 19:45:19 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21.09.2012 19:45:19 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21.09.2012 19:45:19 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21.09.2012 19:45:19 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21.09.2012 19:45:20 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22.09.2012 03:44:53 | Computer Name = Sunny | Source = EventSystem | ID = 4609
Description =

Error - 22.09.2012 03:47:06 | Computer Name = Sunny | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)

Error - 22.09.2012 03:49:38 | Computer Name = Sunny | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 22.09.2012 03:54:23 | Computer Name = Sunny | Source = EventSystem | ID = 4609
Description =

Error - 22.09.2012 05:48:16 | Computer Name = Sunny | Source = EventSystem | ID = 4609
Description =

[ Cisco AnyConnect VPN Client Events ]
Error - 08.01.2010 04:58:56 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.

Error - 08.01.2010 04:58:56 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CCompanyLogo::GetResourcePath File: c:\temp\build\thehoff\release_2.40.272611419497-thu-17-dec-2009-22-17-25\release_2.4\gui\winxp\CompanyLogo.h
Line:
83 Invoked Function: REGKEY_QUERY_STRING_VALUE Return Code: 2 (0x00000002) Description:
Das System kann die angegebene Datei nicht finden.

Error - 08.01.2010 04:58:56 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CCompanyLogo::GetResourcePath File: c:\temp\build\thehoff\release_2.40.272611419497-thu-17-dec-2009-22-17-25\release_2.4\gui\winxp\CompanyLogo.h
Line:
83 Invoked Function: REGKEY_QUERY_STRING_VALUE Return Code: 2 (0x00000002) Description:
Das System kann die angegebene Datei nicht finden.

Error - 08.01.2010 04:58:56 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CCompanyLogo::GetResourcePath File: c:\temp\build\thehoff\release_2.40.272611419497-thu-17-dec-2009-22-17-25\release_2.4\gui\winxp\CompanyLogo.h
Line:
83 Invoked Function: REGKEY_QUERY_STRING_VALUE Return Code: 2 (0x00000002) Description:
Das System kann die angegebene Datei nicht finden.

Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CSocketTransport::connectTransport File: .\IPC\SocketTransport.cpp
Line:
766 Invoked Function: ::WSAConnect Return Code: 10061 (0x0000274D) Description: Es
konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung
verweigerte.

Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CIpcTransport::connectIpc File: .\IPC\IPCTransport.cpp Line:
246 Invoked Function: CSocketTransport::connectTransport Return Code: -31522804 (0xFE1F000C)
Description:
SOCKETTRANSPORT_ERROR_CONNECT

Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
385 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522783
(0xFE1F0021) Description: SOCKETTRANSPORT_ERROR_NOT_CONNECTED

Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: ApiIpc::initIpc File: .\ApiIpc.cpp Line: 165 Invoked Function:
CIpcTransport::connectIpc Return Code: -31522804 (0xFE1F000C) Description: SOCKETTRANSPORT_ERROR_CONNECT


Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: ClientIfcBase::attach File: .\ClientIfcBase.cpp Line: 347 Invoked
Function: ClientIfcBase :: attach Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Client failed to attach.

Error - 08.01.2010 04:58:57 | Computer Name = Sunny | Source = vpnui | ID = 67108866
Description = Function: CMainFrame::OnCreate File: .\mainfrm.cpp Line: 165 Invoked
Function: ClienfIfc::attach Return Code: -33554423 (0xFE000009) Description: GLOBAL_ERROR_UNEXPECTED


[ OSession Events ]
Error - 09.11.2008 12:09:17 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16732
seconds with 660 seconds of active time. This session ended with a crash.

Error - 05.01.2009 18:53:41 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 50531
seconds with 1560 seconds of active time. This session ended with a crash.

Error - 19.02.2009 14:52:59 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 34945
seconds with 1440 seconds of active time. This session ended with a crash.

Error - 19.04.2009 17:43:24 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 34764
seconds with 3900 seconds of active time. This session ended with a crash.

Error - 03.07.2011 14:54:16 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10338
seconds with 2100 seconds of active time. This session ended with a crash.

Error - 13.07.2011 02:17:16 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4234
seconds with 780 seconds of active time. This session ended with a crash.

Error - 01.09.2011 03:21:43 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2001
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 29.11.2011 11:40:58 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4017
seconds with 1860 seconds of active time. This session ended with a crash.

Error - 06.03.2012 18:38:52 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14631
seconds with 1380 seconds of active time. This session ended with a crash.

Error - 19.09.2012 12:06:57 | Computer Name = Sunny | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 771
seconds with 720 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 22.09.2012 05:48:16 | Computer Name = Sunny | Source = DCOM | ID = 10005
Description =

Error - 22.09.2012 05:48:18 | Computer Name = Sunny | Source = DCOM | ID = 10005
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = Service Control Manager | ID = 7001
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = Service Control Manager | ID = 7001
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = Service Control Manager | ID = 7001
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = Service Control Manager | ID = 7001
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = Service Control Manager | ID = 7026
Description =

Error - 22.09.2012 05:48:36 | Computer Name = Sunny | Source = DCOM | ID = 10005
Description =

Error - 22.09.2012 06:36:22 | Computer Name = Sunny | Source = DCOM | ID = 10005
Description =

Error - 22.09.2012 06:36:22 | Computer Name = Sunny | Source = DCOM | ID = 10005
Description =


< End of report >

Alt 22.09.2012, 13:38   #2
markusg
/// Malware-holic
 
Ukash-Trojaner auf französisch! - Standard

Ukash-Trojaner auf französisch!



hi
da bist ja auch mal, sorry, echt selbst schuld drann.
warum hat dieses betriebssystem noch nie updates gesehen???

wenn du onlinebanking machst, rufe bitte die bank an, notfall nummer:
116 116
lasse es sperren wegen des rootkits.zero access.
da man dieses nicht 100 %ig sicher los wird:
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________

__________________

Alt 22.09.2012, 13:57   #3
Leezchen
 
Ukash-Trojaner auf französisch! - Standard

Ukash-Trojaner auf französisch!



hallo, vielen dank für die antwort.

zu 1. datenrettung, ich bin im abgesicherten modus und wie dort beschrieben, kann ich autorun nicht ausschalten. habe windows vista drauf aber damit gehts nicht.

zu 2. ich habe keine windows cd. habe einen vaio sony laptop.


tut mir leid, ich hab da einfach keine ahnung von
__________________

Alt 22.09.2012, 17:21   #4
markusg
/// Malware-holic
 
Ukash-Trojaner auf französisch! - Standard

Ukash-Trojaner auf französisch!



autorun geht zu deaktivieren, versuche es entweder per programm, oder über services.msc, oder per systemsteuerung, da sind ja einige methoden beschrieben :-)
wegen der formatierung, das geht trotzdem, melde dich dann nach der datensicherung.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Ukash-Trojaner auf französisch!
32 bit, antivir, avira, avira searchfree toolbar, babylon toolbar, babylontoolbar, bka-trojaner, bonjour, browser, converter, desktop, dringend, error, excel, failed, fatal error, firefox, flash player, helper, home, install.exe, jdownloader, logfile, mozilla, mp3, nodrives, office 2007, picasa, plug-in, progressive, progressive protection, recycle.bin, registry, rogue.systemprogressiveprotection, rundll, safer networking, scan, security, sierra, software, symantec, system progressive protection.lnk, teamspeak, trojaner, ukash, vista




Ähnliche Themen: Ukash-Trojaner auf französisch!


  1. Suche Plugins oder andere für den Import in Notepad++ wichtige Daten für Einzelsprachen wie Deutsch, Französisch usw.
    Diskussionsforum - 26.02.2015 (1)
  2. GVU Trojaner hat Windows 7 gesperrt - Webcam - paysafecard oder ukash - Trojaner-Board
    Plagegeister aller Art und deren Bekämpfung - 26.06.2013 (3)
  3. Ukash-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.11.2012 (12)
  4. Ukash GVU Trojaner
    Plagegeister aller Art und deren Bekämpfung - 03.11.2012 (11)
  5. UKASH BKA-Trojaner
    Log-Analyse und Auswertung - 01.11.2012 (22)
  6. Ukash-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 21.10.2012 (2)
  7. Ukash Trojaner 2.07
    Log-Analyse und Auswertung - 20.10.2012 (13)
  8. BKA Trojaner, Ukash
    Plagegeister aller Art und deren Bekämpfung - 22.08.2012 (7)
  9. Ukash Trojaner..
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (16)
  10. Ukash Trojaner 100€
    Plagegeister aller Art und deren Bekämpfung - 05.08.2012 (1)
  11. Win 7: BKA Trojaner - Ukash
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (16)
  12. (2x) UKash Trojaner 100€
    Mülltonne - 21.05.2012 (1)
  13. BKA-trojaner, ukash
    Log-Analyse und Auswertung - 20.01.2012 (10)
  14. Ukash-BKA Trojaner
    Log-Analyse und Auswertung - 06.05.2011 (68)
  15. Ukash - BKA - Trojaner
    Log-Analyse und Auswertung - 02.05.2011 (25)
  16. BKA-Ukash-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (3)

Zum Thema Ukash-Trojaner auf französisch! - Halloooo, ich habe einen Laptop mit Vista drauf und nun auch diesen Ukash-Trojaner, der mir alles in französisch anzeigt. Ich habe die notwendiges files erstellt und hoffe dass ihr mir - Ukash-Trojaner auf französisch!...
Archiv
Du betrachtest: Ukash-Trojaner auf französisch! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.