![]() |
Plagegeister aller Art und deren Bekämpfung: win32.agent.fbx wie bekomme ich den weg?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
| ![]() win32.agent.fbx wie bekomme ich den weg? Hallo, ich hoffe mir kann jemand helfen..habe denn trojaner win32.agent.fbx auf meinem pc, wie bekomme ich denn runter???? Habe ihn durch spybot gefunden. Ich kenne mich nicht so gut aus,daher hoffe ich mir kann jemand helfen. lg janina |
![]() | #2 |
| ![]() win32.agent.fbx wie bekomme ich den weg? Malwarebytes' Anti-Malware 1.46
__________________www.malwarebytes.org Datenbank Version: 4320 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 17.07.2010 10:39:06 mbam-log-2010-07-17 (10-39-06).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Durchsuchte Objekte: 278254 Laufzeit: 1 Stunde(n), 33 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 6 Infizierte Registrierungswerte: 6 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 5 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xpatlvgh (Trojan.Agent.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\getdo (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\wab (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Program Files\YouTube Downloader Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Users\Daniel Janina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUG7WJES\loaders_yyy2010061600[1].exe (Trojan.Vilsel) -> Quarantined and deleted successfully. C:\Users\Daniel Janina\Downloads\Speed-Downloading_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\Users\Daniel Janina\AppData\Roaming\Macromedia\Common\389fe03c19.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
![]() | #3 |
| ![]() win32.agent.fbx wie bekomme ich den weg? OTL EXTRAS Logfile:
ATTFilter OTL Extras logfile created on: 17.07.2010 10:55:48 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Daniel Janina\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 20,73 Gb Free Space | 17,80% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 114,98 Gb Total Space | 114,89 Gb Free Space | 99,92% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANIELJANINA-PC Current User Name: Daniel Janina Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-880424369-814009208-3409472215-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm Fotowelt.exe] -- "C:\Program Files\dm\dm Fotowelt\dm Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00A60032-FA97-4AD8-B81E-BBD945E4DC26}" = rport=139 | protocol=6 | dir=out | app=system | "{3FEA432C-7855-4BA2-9C66-23183EA71245}" = lport=137 | protocol=17 | dir=in | app=system | "{54BC221D-06DD-4FF4-B3C9-95F0B10D0E39}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{74E496A1-77B5-4C8A-A7DD-14ECE3B199C7}" = rport=137 | protocol=17 | dir=out | app=system | "{7E4F3475-75F4-40D7-891A-55F2E1954004}" = rport=445 | protocol=6 | dir=out | app=system | "{83E95F3A-8D88-46FE-8B65-5B6D10B02E2D}" = rport=138 | protocol=17 | dir=out | app=system | "{8998266A-F928-4DE4-B0DB-3502560562F9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BFAE5CCA-D943-46B1-B84E-A92BED45716C}" = lport=139 | protocol=6 | dir=in | app=system | "{C68EEB5E-814A-4C25-AAAC-5F49023DD9DA}" = lport=445 | protocol=6 | dir=in | app=system | "{D5B1AECE-CAD9-41AA-88C9-D111F217BA05}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{22DEA79D-CEC9-49B4-A04F-D87E746F889D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{2A565E7C-A40F-4B6E-A128-8F944E86E3A2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3FEA612A-8B26-4ADD-BB78-3AFCDF06F448}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{60422466-7E92-4FED-8F64-52EC3AF37E67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{801EC9EC-7134-4CAD-91E7-918A03C9F58E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{B803989D-90EA-49DB-96F9-AB74F89D0387}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B99B5CE4-71E2-4D92-8761-D467DBF0CED9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C656705D-CC77-4B28-8F52-32224B3BB859}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FB3785B1-5732-4567-BC09-ABA30A6B3AB8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FD319CBE-374F-4D86-83E1-C2C5F55C7C1C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{29E50ECA-8598-4BC3-B4DA-43051FD4FF8A}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{4A57DB16-6837-42C8-BD4A-CB957B399130}C:\program files\google\google desktop search\googledesktop.exe" = protocol=6 | dir=in | app=c:\program files\google\google desktop search\googledesktop.exe | "TCP Query User{57288F53-7665-404F-A365-D667FDF2DD09}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe | "TCP Query User{72D60F32-BA0E-4F9C-9232-E83587D99D08}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{77961782-F724-4FFD-8829-60B3C544BF94}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "TCP Query User{AC8E4859-A3FE-4277-B369-18D3CF03AFC0}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "TCP Query User{C908F0C1-3468-4C9F-B5F4-E7A49D8C1791}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{0B15C53E-0A55-4105-B1ED-31B510DE2A03}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{170ACECE-F729-473D-8412-40A2F1B02A75}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe | "UDP Query User{88FDBAEB-82A7-46E0-B5E6-A7D4B65CAE06}C:\program files\google\google desktop search\googledesktop.exe" = protocol=17 | dir=in | app=c:\program files\google\google desktop search\googledesktop.exe | "UDP Query User{8FA3E09D-5901-4ED3-9704-1E4F845CA945}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{910F87CF-F77B-4275-8378-D6CC3EF798BD}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{977CA6D8-55A2-4621-86A9-6AF9B5BE2A28}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{F0E85CE1-AC9C-4E4A-8BAA-8DB5B3074FAD}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004098A1-0362-4C42-A1C3-CAD436CFF4A1}" = YouTube Downloader Toolbar v1.0 "{04CB6099-90D2-896A-8E01-8F1228499D93}" = Catalyst Control Center Localization Dutch "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{068138BE-11F5-8F56-8D88-13837314558E}" = CCC Help German "{0A2F0BB6-D45B-AF3C-C19A-6950342AF6B1}" = Catalyst Control Center Localization Turkish "{0BAA36F4-8138-AD8A-3791-44A7F0DD63E7}" = CCC Help Japanese "{0C2B0B35-CF80-1384-D2F0-14F119F1784E}" = Catalyst Control Center Localization Chinese Standard "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5 "{1A998953-E64F-CE34-4517-C58EF5092157}" = CCC Help Turkish "{1AED74D3-4C54-3CAA-65DE-4EAB7B589AE1}" = Catalyst Control Center Localization Greek "{228A2F09-4557-92B9-44A9-E13D41FFAD02}" = Catalyst Control Center Localization Hungarian "{228D6BCB-7B30-39F5-5442-A99CD76A9762}" = Catalyst Control Center Localization Danish "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire "{2672817F-EB60-5FA1-9691-FE03D3E674F9}" = CCC Help French "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2CC25320-CD83-B987-4B0A-B53B8413CC87}" = CCC Help Italian "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{33A0D18A-019E-8F30-6EDA-776CDC319771}" = CCC Help Norwegian "{34537704-7E4C-F552-AFC7-E3FDB0A4FDC1}" = Catalyst Control Center Localization Italian "{357D2DAA-1743-AC07-D88B-0077FC725DF6}" = Catalyst Control Center Graphics Full Existing "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3899B709-95BD-752E-B320-1686DACA370E}" = CCC Help Portuguese "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E84E56E-FC81-4E08-AA90-E8B2FDC02557}" = Catalyst Control Center Localization Norwegian "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{469DFB95-185F-CA9E-3D5E-0036754B5033}" = Catalyst Control Center Localization German "{475BF3D4-E418-18CF-34FC-1D8DD3E67F46}" = Catalyst Control Center Localization Chinese Traditional "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D881F9F-90B1-6992-BA30-72333A6BC669}" = CCC Help Danish "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{51035563-B7F5-01AF-0BE4-47533DEE5B51}" = Catalyst Control Center Localization Russian "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5AC66835-7850-401E-AC93-65AD4D6A7E2E}" = Catalyst Control Center Localization Portuguese "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6789E743-FF41-3E96-8C59-0F43ADE6D9E6}" = Catalyst Control Center Localization French "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{698CEC51-8E29-5B7C-2C88-20CDE9DC3DFF}" = ccc-core-static "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74E2F60E-5C4D-3200-3AB5-6A5C1806A64F}" = CCC Help Hungarian "{759D7567-3027-5605-BF42-9363090FAF71}" = CCC Help Czech "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree "{7B63B2922B174135AFC0E1377DD81EC2}" = "{85737D46-5FDE-7798-02BA-68AC06CD0B17}" = CCC Help Spanish "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{892DB0A0-CF31-DA46-8142-2B3953CA7B38}" = CCC Help English "{8AB6D950-AF93-4FBB-9599-A7F09BD1EE6E}" = Music-DVD on CD and DVD "{8F2E8ADC-871F-7B91-708D-BC2899C7D986}" = Catalyst Control Center Localization Swedish "{8FC9A62D-90DB-7122-09F3-587C42EE9FAC}" = Catalyst Control Center Localization Czech "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9128A108-FE27-997F-A118-E6C65FAE2256}" = CCC Help Korean "{9809A7E4-3B3B-4547-3B80-0073E0115EB4}" = Catalyst Control Center Graphics Previews Vista "{9842DEA7-806B-08CA-608C-9717F5F5D7F3}" = Catalyst Control Center Graphics Light "{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C6ABCF3-A9BF-2A09-0974-777B6C421E28}" = CCC Help Swedish "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver "{A6F2C0CD-E0A2-BCC1-5BEF-600AC4D9AE62}" = Catalyst Control Center Localization Spanish "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch "{AED8FA19-763C-BA3F-A243-3136EEF255E8}" = CCC Help Russian "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{BA98E840-DCB3-10B7-D016-8890E4F8F4CC}" = Catalyst Control Center Graphics Full New "{BC1ADEAD-99F1-4707-B31B-CDB222D5BB68}" = Catalyst Control Center - Branding "{C1F4123D-6C93-D087-F50F-8D7AC51AFE76}" = ATI Catalyst Install Manager "{C3E7A3AD-142E-2433-0107-D2CA4D85F19F}" = CCC Help Greek "{C5A5F901-08F3-7E96-3049-A950A80ACCF4}" = Catalyst Control Center Graphics Previews Common "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CB082B01-F65B-05DA-3048-8979BF7B5BD2}" = CCC Help Dutch "{CC0E0442-B3BA-6FB5-3E94-C5F96B9B8915}" = Skins "{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2 "{D281F20C-FA11-D09A-8A20-B78D771222F8}" = Catalyst Control Center Localization Japanese "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{DD766B16-BE10-F87C-73A7-A6FC09148633}" = CCC Help Polish "{DDF91F62-6CBF-2932-93BA-D487B60635B5}" = Catalyst Control Center Core Implementation "{DEB9671A-3CFC-4D38-B3B0-F48D6C581031}" = Nero 7 Essentials "{DEC00B1F-5E63-D40F-6291-A2A531414613}" = CCC Help Chinese Traditional "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{DF066D23-C0C8-8755-8244-A8A78B8798A5}" = CCC Help Thai "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{EC2F2081-6B46-810C-8408-EC04D29EDFF0}" = Catalyst Control Center Localization Thai "{F0EF93AE-6B13-DB6A-3C03-8CB5A51D0A7A}" = CCC Help Finnish "{F0FFE43C-7FCC-55F3-6BDE-11F6E9F9FB4A}" = CCC Help Chinese Standard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E1E2E3-2F93-E548-7675-10A78CDD04A6}" = Catalyst Control Center Localization Finnish "{F20B6876-0F18-1A47-D858-D0D9F6888B99}" = Catalyst Control Center Localization Polish "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F400ED9E-848C-DB0B-CED5-F69DAA2CE8AD}" = ccc-utility "{F5EFBB2D-2CD6-FD3D-FA53-DFB962BFD14C}" = Catalyst Control Center Localization Korean "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "320 Solitaires" = 320 Solitaires "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BassAudio Player" = BassAudio Player "CloneDVD2" = CloneDVD2 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "dm Fotowelt" = dm Fotowelt "EPSON Printer and Utilities" = EPSON Printer Software "eqkmiak" = Favorit "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D) "Foto-Mosaik_is1" = Foto-Mosaik 4.1.0 "Free Video Converter_is1" = Free Video Converter V 2.1 "Gitarrero Rock 'n Pop Maxi Demo XP_is1" = Gitarrero RocknPop 1.00 Demo "Google Updater" = Google Updater "Guitar Explorer 1.0" = Guitar Explorer 1.0 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE (D) "MAGIX Foto Suite D" = MAGIX Foto Suite (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service (D) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6) "My Program_is1" = LANPoker Version "myphotobook" = myphotobook 3.1 "PhotoScape" = PhotoScape "PokerStars.net" = PokerStars.net "QCad" = QCad "TOSHIBA Software Modem" = TOSHIBA Software Modem "TrekStor DVB-T Stick_is1" = TrekStor DVB-T Stick "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "WinGimp-2.0_is1" = GIMP 2.6.7 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 25.11.2009 17:50:34 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 26.11.2009 18:01:40 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 27.11.2009 04:14:33 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 27.11.2009 10:47:51 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 27.11.2009 17:18:12 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 28.11.2009 19:40:26 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 29.11.2009 11:32:36 | Computer Name = DanielJanina-PC | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 1188 Anfangszeit: 01ca70f99e79826f Zeitpunkt der Beendigung: 14 Error - 29.11.2009 17:15:32 | Computer Name = DanielJanina-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18828, Zeitstempel 0x4a9600c9, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821, Ausnahmecode 0xc0000005, Fehleroffset 0x00066739, Prozess-ID 0x1508, Anwendungsstartzeit 01ca7135a3873ac7. Error - 30.11.2009 07:02:59 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = Error - 01.12.2009 08:11:04 | Computer Name = DanielJanina-PC | Source = EventSystem | ID = 4621 Description = [ System Events ] Error - 16.07.2010 16:20:59 | Computer Name = DanielJanina-PC | Source = DCOM | ID = 10000 Description = Error - 16.07.2010 17:43:38 | Computer Name = DanielJanina-PC | Source = DCOM | ID = 10010 Description = Error - 17.07.2010 02:48:36 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 17.07.2010 02:48:36 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 17.07.2010 03:02:48 | Computer Name = DanielJanina-PC | Source = DCOM | ID = 10000 Description = Error - 17.07.2010 04:47:35 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 17.07.2010 04:47:35 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 17.07.2010 04:49:01 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7009 Description = Error - 17.07.2010 04:49:01 | Computer Name = DanielJanina-PC | Source = Service Control Manager | ID = 7000 Description = Error - 17.07.2010 04:49:35 | Computer Name = DanielJanina-PC | Source = DCOM | ID = 10000 Description = < End of report > |
![]() | #4 |
| ![]() win32.agent.fbx wie bekomme ich den weg? Warum hilft mir keiner?????? |
![]() |
Themen zu win32.agent.fbx wie bekomme ich den weg? |
gefunde, hoffe, runter, spybot, troja, trojaner, win, win32.agent.fbx |