Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
unerwünschtes Programm 'TR/Agent.qazy.1472'

unerwünschtes Programm 'TR/Agent.qazy.1472'


Log-Analyse und Auswertung: unerwünschtes Programm 'TR/Agent.qazy.1472'

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.04.2010, 13:05   #4
Xara
 
unerwünschtes Programm 'TR/Agent.qazy.1472' - Standard

unerwünschtes Programm 'TR/Agent.qazy.1472'


Hier der erste OTL:

OTL Extras logfile created on: 10-04-26 14:00:43 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Dokumente und Einstellungen\Peter\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: DEU | Date Format: yy-MM-dd

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 189.92 Gb Total Space | 10.76 Gb Free Space | 5.67% Space Free | Partition Type: NTFS
Drive D: | 41.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 5.12 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PEDA
Current User Name: Peter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ\Icq.exe" = C:\Programme\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\Spiele\The Lord of the Rings Online\lotroclient.exe" = C:\Spiele\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- File not found
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Spiele\Darkstar One\DarkStarOne.exe" = C:\Spiele\Darkstar One\DarkStarOne.exe:*:EnabledarkStar -- File not found
"C:\Programme\Codemasters\Der Herr de Ringe Online\lotroclient.exe" = C:\Programme\Codemasters\Der Herr de Ringe Online\lotroclient.exe:*:Enabled:lotroclient.exe -- File not found
"C:\Spiele\Hellgate London\Launcher.exe" = C:\Spiele\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London -- (Flagship Studios)
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Spiele\Pro Evolution Soccer 2008\PES2008.exe" = C:\Spiele\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Spiele\Pro Evolution Soccer 2010\pes2010.exe" = C:\Spiele\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Programme\Steam\steamapps\common\grand theft auto iv\RGSC\RGSCLauncher.exe" = C:\Programme\Steam\steamapps\common\grand theft auto iv\RGSC\RGSCLauncher.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\Programme\Mass Effect\Binaries\MassEffect.exe" = C:\Programme\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"C:\Programme\Mass Effect\MassEffectLauncher.exe" = C:\Programme\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87}" = Vampire - The Masquerade Bloodlines
"{111E336D-30BF-4CD4-8D69-4541732AFB27}" = Peter Jackson's King Kong - The Official Game of the Movie
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AEC8F41-4701-415D-9782-F69CFB535463}" = Creative Zen MicroPhoto
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1B2DBF55-05D4-4072-87D8-689141E262BD}" = Creative ZEN
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{475E0AAF-8865-4D39-AFBF-A8EB447D3D17}" = IKEA HomePlanner Office
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5C79D312-F68F-4B04-8A4F-E28A0AE1ECBB}" = CrissCross 8.00
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7D71FCA2-DB4A-497D-AF6F-B0D88DA92F88}" = FEAR SP Demo
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A111D34B-7021-44CE-BEFB-3C17688F463B}" = SoulSeekkor's TQ Defiler
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}" = Dark Messiah
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch
"{AE585DDE-7230-4B57-926B-428C94AA5850}" = Adobe Setup
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D8D8B308-B172-43DB-96F1-6A3F84851D61}" = iTunes Art Importer
"{DD8408E9-9421-484F-979D-DB6361E3E828}" = Dawn Of War - Winter Assault
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE91E474-9298-47B8-817F-8E0042408998}" = Risen Hotfix 1.01
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_8fbf74eb27c84640370f87306e8981b" = Adobe InDesign CS3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"Beyond Good and Evil_is1" = Beyond Good and Evil
"Bink and Smacker" = Bink and Smacker
"BPS MP3-WAV Converter_is1" = BPS MP3-WAV Converter version 5.0.0.0
"BVTech Photo Publisher" = BVTech Photo Publisher
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"Chipcard master_is1" = Chipcard master 6.24
"CKM Gehörbildung" = CKM Gehörbildung
"CoreVorbis Audio Decoder" = CoreVorbis Audio Decoder (remove only)
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"CSCLIB" = Canon Camera Support Core Library
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DirectVobSub" = DirectVobSub (remove only)
"DivX Content Uploader" = DivX Content Uploader
"Drakensang_is1" = Drakensang
"Dunkle Magie Mod" = Dunkle Magie Mod
"DVD Ripper Wizard" = DVD Ripper Wizard
"Easy MP3 Cutter_is1" = Easy MP3 Cutter 2.9
"EAX Unified" = EAX Unified
"eMusic Promotion" = eMusic - 50 Free MP3 offer
"EOS Utility" = Canon Utilities EOS Utility
"Finale NotePad 2006" = Finale NotePad 2006
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GoogleVideoPlayer" = Google Video Player
"Hexenfeuermod" = Hexenfeuermod
"HijackThis" = HijackThis 2.0.2
"ICQ" = ICQ
"ie8" = Windows Internet Explorer 8
"InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"Internet Explorer Security Plugin 2006" = Internet Explorer Security Plugin 2006
"Internet Security Add-On" = Internet Security Add-On
"IrfanView" = IrfanView (remove only)
"Klomanager Gold" = Klomanager Gold
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MixWDemo" = MixWDemo
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"MSNINST" = MSN
"Neophyte" = Neophyte
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Patch 1.2 zu: Dunkle Magie Mod" = Patch 1.2 zu: Dunkle Magie Mod
"Pest-Capture" = Pest-Capture
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Public Messenger ver 2.03" = Public Messenger ver 2.03
"QcDrv" = Logitech® Camera-Treiber
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Respawnmod" = Respawnmod
"Rune Halls of Valhalla Full Update_is1" = Rune Halls of Valhalla 1.08
"ScummVM Tools_is1" = ScummVM Tools 0.11.0
"Shady Midnight Demo 1.13" = Shady Midnight Demo 1.13
"Skype_is1" = Skype 2.5
"ST6UNST #1" = PCGH Oblivion-Tuner
"Steam App 12210" = Grand Theft Auto IV
"SysInfo" = Creative Systeminformationen
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"Totalcmd" = Total Commander (Remove or Repair)
"Video Access ActiveX Object" = Video Access ActiveX Object 2.07
"Videoload Manager" = Videoload Manager 1.0.1514
"VLC media player" = VLC media player 0.9.8a
"Warhammer Online - Age of Reckoning_is1" = Warhammer Online - Age of Reckoning
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"WMV9APDMOE" = Windows Media Video 9 Advanced Profile Codec
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gothic Texture Patch - Freddy" = Freddy's Texture Patch BETA
"Lemmini" = Lemmini
"Move Media Player" = Move Media Player
"World of Warcraft Trial" = Probeversion von World of Warcraft

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10-01-13 12:17:44 | Computer Name = PEDA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung GTAIV.exe, Version 1.0.0.4, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 10-01-15 10:11:39 | Computer Name = PEDA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung TOTALCMD.EXE, Version 6.5.4.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 10-01-24 06:28:59 | Computer Name = PEDA | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x00025f20.

Error - 10-01-24 06:29:10 | Computer Name = PEDA | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x00025f20.

Error - 10-01-24 07:43:20 | Computer Name = PEDA | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x00025f20.

Error - 10-01-31 15:24:20 | Computer Name = PEDA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 0.9.8.1, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 10-01-31 15:27:40 | Computer Name = PEDA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 0.9.8.1, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 10-02-03 13:16:39 | Computer Name = PEDA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung vlc.exe, Version 0.9.8.1, fehlgeschlagenes
Modul liblibmpeg2_plugin.dll, Version 0.0.0.0, Fehleradresse 0x0001c2d1.

Error - 10-02-05 08:49:24 | Computer Name = PEDA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung autorun.exe, Version 0.0.0.0, fehlgeschlagenes
Modul autorun.exe, Version 0.0.0.0, Fehleradresse 0x00001173.

Error - 10-02-22 17:37:35 | Computer Name = PEDA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Picasa3.exe, Version 3.6.95.25, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

[ System Events ]
Error - 10-04-17 11:18:29 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "Hardware management services" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 10-04-20 16:31:40 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "Hardware management services" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 10-04-21 04:22:23 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "TCP/IP-NetBIOS-Hilfsprogramm" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 10-04-21 04:22:23 | Computer Name = PEDA | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Remote-Registrierung" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..

Error - 10-04-21 04:22:23 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "SSDP-Suchdienst" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 10-04-21 04:22:23 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "WebClient" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.

Error - 10-04-21 04:22:34 | Computer Name = PEDA | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000
Millisekunden durchgeführt: Starten Sie den Computer neu..

Error - 10-04-21 04:38:07 | Computer Name = PEDA | Source = Service Control Manager | ID = 7034
Description = Dienst "Hardware management services" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 10-04-21 04:41:08 | Computer Name = PEDA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
nvata

Error - 10-04-26 07:57:44 | Computer Name = PEDA | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
nvata


< End of report >

 

Themen zu unerwünschtes Programm 'TR/Agent.qazy.1472'
antivir, antivir guard, avira, bho, bonjour, browser, canon, cdburnerxp, desktop, excel, firefox, frage, google, gupdate, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, logfile, mozilla, mozilla thunderbird, object, picasa, plug-in, programm, software, system, trojan, virus, wenig ahnung, windows, windows xp


« TR/Agent.qazy.1472 & TR/Trash.gen die Streitrosse des Teufels | Error Code -2147023174 »


Ähnliche Themen: unerwünschtes Programm 'TR/Agent.qazy.1472'


  1. McAffe hat ein unerwünschtes Programm gefunden: Crossrider
    Log-Analyse und Auswertung - 07.10.2015 (13)
  2. Avira : unerwünschtes Programm `TR/ATRAPS.Gen` wurde Blockiert
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (14)
  3. Windows Vista SP2 64-bit - Virus / unerwünschtes Programm?
    Plagegeister aller Art und deren Bekämpfung - 09.11.2014 (9)
  4. Plötzlich unerwünschtes Programm installiert
    Log-Analyse und Auswertung - 19.03.2014 (11)
  5. unerwünschtes Programm TR\ATRAPS.Gen2
    Log-Analyse und Auswertung - 29.01.2013 (3)
  6. Unerwünschtes Programm oder Virus gefunden
    Log-Analyse und Auswertung - 12.01.2013 (7)
  7. Trojaner?Unerwünschtes Programm
    Alles rund um Windows - 15.03.2012 (1)
  8. Trojaner, Virus, unerwünschtes Programm an Bord
    Plagegeister aller Art und deren Bekämpfung - 19.03.2011 (1)
  9. Unerwünschtes Programm?
    Plagegeister aller Art und deren Bekämpfung - 03.09.2010 (1)
  10. unerwünschtes Programm 'TR/Spy.Banker.AG.1' [trojan] gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.06.2010 (17)
  11. TR/Agent.qazy.1472 & TR/Trash.gen die Streitrosse des Teufels
    Log-Analyse und Auswertung - 26.04.2010 (32)
  12. Verdacht auf unerwünschtes Programm!
    Log-Analyse und Auswertung - 20.04.2010 (15)
  13. System32\kbdqelt.dll Virus oder unerwünschtes Programm TR/Agent.ruo [trojan] gefunden
    Plagegeister aller Art und deren Bekämpfung - 01.04.2010 (4)
  14. unerwünschtes Programm 'TR/FraudPack.TNB.9' gefunden.
    Log-Analyse und Auswertung - 30.09.2009 (3)
  15. AntiVir findet Virus oder unerwünschtes Programm TR/Agent.105720
    Plagegeister aller Art und deren Bekämpfung - 25.02.2009 (3)
  16. Antivir hat Virus oder unerwünschtes Programm gefunden "BDS/Agent.ZNC"
    Log-Analyse und Auswertung - 05.09.2008 (13)
  17. wurde ein Virus oder unerwünschtes Programm 'BDS/Agent.elw'
    Log-Analyse und Auswertung - 18.02.2008 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema unerwünschtes Programm 'TR/Agent.qazy.1472' - Hier der erste OTL: OTL Extras logfile created on: 10-04-26 14:00:43 - Run 1 OTL by OldTimer - Version 3.2.3.0 Folder = C:\Dokumente und Einstellungen\Peter\Desktop Windows XP Professional Edition Service - unerwünschtes Programm 'TR/Agent.qazy.1472'...
Archiv
Du betrachtest: unerwünschtes Programm 'TR/Agent.qazy.1472' auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131