|
Log-Analyse und Auswertung: av security suite, gelöscht nach anleitung, jetzt alles in ordnung ?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
27.08.2010, 11:45 | #1 |
| av security suite, gelöscht nach anleitung, jetzt alles in ordnung ? Hallo ! Habe av security suite von einer recht seriösen seite bekommen, glaube es war die taz seite, das wird ja immer schlimmer ( gelöscht nach anleitung des forums, ich poste hier mal die logs, hoffe ihr könnt mir sagen ob jetzt alles ok ist ! vielen dank im vorraus, das trojaner board ist echt klasse und hat mir jetzt schon zum 2ten mal geholfen !!! --------------------------------------------------------OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.08.2010 12:29:56 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18943) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,73 Gb Total Space | 1,12 Gb Free Space | 0,50% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 666,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Computer Name: R2D2-MOBIL Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Downloads\Norman_TDSS_Cleaner.exe (Norman ASA) PRC - C:\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Common Files\PERI Software Shared\Service\ADT2008OEM Service File.exe () PRC - C:\Program Files\Common Files\PERI Software Shared\Service\ElposServiceFile.exe () PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) PRC - C:\Program Files\Join Air\AssistantServices.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) PRC - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE) PRC - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (SafeList) ========== MOD - C:\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (ADT2008OEM Service) -- C:\Program Files\Common Files\PERI Software Shared\Service\ADT2008OEM Service File.exe () SRV - (Elpos Service) -- C:\Program Files\Common Files\PERI Software Shared\Service\ElposServiceFile.exe () SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (UI Assistant Service) -- C:\Program Files\Join Air\AssistantServices.exe () SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (HauppaugeTVServer) -- C:\PROGRA~1\WinTV\HCWTVS~1.EXE (Hauppauge Computer Works) SRV - (EPGService) -- C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (RtkHDMIService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation) SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (uCamMonitor) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.) SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV - (UIUSys) -- C:\Windows\System32\DRIVERS\UIUSYS.SYS File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (nsak) -- C:\Users\GERALD~1.KRE\AppData\Local\Temp\000017d5.nmc\nse\bin\nsak.sys File not found DRV - (NDISKIO) -- C:\Users\GERALD~1.KRE\AppData\Local\Temp\000017d5.nmc\nse\bin\ndiskio.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG) DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (DSDrv4) -- C:\PROGRA~1\DScaler\DSDrv4.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.studivz.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.10 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.27 10:29:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.29 13:43:11 | 000,000,000 | ---D | M] [2008.09.19 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.08.27 10:19:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions [2010.02.22 23:36:33 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009.06.25 20:38:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.02.22 23:36:33 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010.07.07 15:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.02.22 23:36:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.02.22 23:36:33 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009.11.19 11:14:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3kgnxb89.default\extensions\firefox@tvunetworks.com [2009.09.01 18:03:30 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010.07.02 15:42:28 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.07.02 15:42:28 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.07.02 15:42:28 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.07.02 15:42:28 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.07.02 15:42:28 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.05.19 00:15:12 | 000,306,123 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 10540 more lines... O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1220362252 (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.09.05 15:32:28 | 000,000,000 | ---D | M] - H:\AutoRun -- [ CDFS ] O32 - AutoRun File - [2003.08.29 01:02:13 | 000,000,059 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{66f76a36-9bbd-11de-9631-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{66f76a36-9bbd-11de-9631-806e6f6e6963}\Shell\AutoRun\command - "" = H:\RunGame.exe -- [2003.08.29 01:02:04 | 000,147,456 | R--- | M] () O33 - MountPoints2\{88f11c1d-b139-11de-962b-001dba1de5e4}\Shell - "" = AutoRun O33 - MountPoints2\{88f11c1d-b139-11de-962b-001dba1de5e4}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{8df3a073-68dd-11de-b859-001dba1de5e4}\Shell\AutoRun\command - "" = 9kretct.exe O33 - MountPoints2\{8df3a073-68dd-11de-b859-001dba1de5e4}\Shell\open\Command - "" = 9kretct.exe O33 - MountPoints2\{8df3a075-68dd-11de-b859-001dba1de5e4}\Shell\AutoRun\command - "" = 9kretct.exe O33 - MountPoints2\{8df3a075-68dd-11de-b859-001dba1de5e4}\Shell\open\Command - "" = 9kretct.exe O33 - MountPoints2\{f4418434-71fd-11de-a28e-001dba1de5e4}\Shell\AutoRun\command - "" = BIN\RECYCLE\Bin.exe O33 - MountPoints2\{f4418434-71fd-11de-a28e-001dba1de5e4}\Shell\open\command - "" = BIN\RECYCLE\Bin.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.08.27 10:06:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vqdshxaam [2010.08.27 10:06:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\vqdshxaam [2010.08.27 10:06:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Windows [2010.08.27 10:06:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Windows Server [2010.08.25 18:39:50 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\SimCity 4 [2010.08.18 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\My Games [2010.08.18 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft Games [2010.08.13 15:03:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.08.13 15:03:52 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.08.13 15:03:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.08.13 15:03:52 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.08.13 15:03:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.08.13 15:03:51 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.08.13 15:03:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.08.13 15:03:51 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.08.13 15:03:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.08.13 15:03:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.08.13 15:03:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.08.13 15:03:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.08.13 15:03:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.08.13 15:03:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.08.13 15:03:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.08.13 15:03:46 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.08.13 15:03:33 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.08.13 15:03:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.13 15:03:08 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.08.13 15:03:07 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.08.04 20:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010.08.04 20:18:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2010.08.04 20:17:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.08.04 20:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.08.04 20:17:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.08.04 20:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\herbert2k7 [2010.08.04 20:17:11 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\herbert2k7.exe [2010.08.04 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\9E09CC870FB79C9E36090C8881B11351 [2010.08.02 19:20:37 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Lady_GaGa-The_Fame-(UK_Retail)-2009-WHOA [2010.07.30 16:59:36 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Metallica - (1991) - Metallica [2010.07.30 16:39:35 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Kings_Of_Leon_-_Only_By_The_Night-2008-Homely_iNT [2010.07.29 13:44:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.07.29 13:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.08.27 12:34:30 | 007,340,032 | -HS- | M] () -- C:\Users\***\ntuser.dat [2010.08.27 12:22:01 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-838192005-1790286810-2749306812-1000UA.job [2010.08.27 12:18:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.27 12:18:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.27 12:18:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.27 12:18:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.27 12:18:03 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys [2010.08.27 12:16:43 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{f6e399b7-c7bd-11dd-b02d-001dba1de5e4}.TMContainer00000000000000000001.regtrans-ms [2010.08.27 12:16:43 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{f6e399b7-c7bd-11dd-b02d-001dba1de5e4}.TM.blf [2010.08.27 10:49:43 | 000,000,162 | -H-- | M] () -- C:\Users\***\Desktop\~$100817_Handbuch ECE_v.01_korrektur und links eingefügt.doc [2010.08.27 10:36:46 | 000,007,620 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.08.27 10:29:21 | 000,002,474 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.08.27 10:10:38 | 021,757,440 | ---- | M] () -- C:\Users\***\Desktop\20100817_Handbuch ECE_v.01_korrektur und links eingefügt.doc [2010.08.27 08:54:06 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{66C9754C-4E32-47EF-9F23-7EB0AAE8790F}.job [2010.08.26 15:53:02 | 063,903,826 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010.08.25 19:12:04 | 000,000,912 | ---- | M] () -- C:\Users\***\Desktop\SimCity 4 - Verknüpfung.lnk [2010.08.25 18:29:43 | 000,001,226 | ---- | M] () -- C:\Windows\eReg.dat [2010.08.24 08:29:02 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.24 08:29:02 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.24 08:29:02 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.24 08:29:01 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.24 08:29:01 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.24 08:28:55 | 021,775,360 | ---- | M] () -- C:\Users\***\Desktop\20100817_Handbuch ECE_v.01.doc [2010.08.24 08:27:36 | 000,132,686 | ---- | M] () -- C:\Users\***\Desktop\Bürokühlung_SRE.ppt.zip [2010.08.20 00:22:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-838192005-1790286810-2749306812-1000Core.job [2010.08.18 13:58:51 | 000,001,461 | ---- | M] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk [2010.08.16 14:40:14 | 000,028,389 | ---- | M] () -- C:\Users\***\Desktop\Mahnung Majolika.docx [2010.08.15 20:10:13 | 000,010,403 | ---- | M] () -- C:\Users\***\Desktop\Diplomschnitt.xlsx [2010.08.14 12:26:14 | 000,426,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.13 18:31:37 | 000,009,852 | ---- | M] () -- C:\Users\***\Desktop\Neues Textdokument - Editor.pdf [2010.08.10 15:18:29 | 000,383,556 | ---- | M] () -- C:\Users\***\Desktop\VT_2009-H_gesamt_oL.pdf [2010.08.10 09:19:26 | 001,152,334 | ---- | M] () -- C:\Users\***\Desktop\BVT_2009_Fr_mit_Teilloesungen.pdf [2010.08.10 09:19:25 | 001,015,292 | ---- | M] () -- C:\Users\***\Desktop\BVT_2008_He_mit_Teilloesungen.pdf [2010.08.08 22:03:54 | 000,162,404 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt.pdf [2010.08.04 20:29:19 | 000,001,874 | ---- | M] () -- C:\Users\***\Desktop\HijackThisffff.lnk [2010.08.04 20:17:55 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 20:17:22 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\herbert2k7.exe [2010.08.04 13:50:37 | 394,544,788 | ---- | M] () -- C:\Users\***\Desktop\vt.pdf [2010.08.02 12:48:14 | 022,431,337 | ---- | M] () -- C:\Users\***\Desktop\st.pdf [2010.08.02 11:07:25 | 005,042,689 | ---- | M] () -- C:\Users\***\Desktop\kaimauern.pdf [2010.08.01 21:30:47 | 000,023,158 | ---- | M] () -- C:\Users\***\Desktop\deckenschalung_materialliste.jpg [2010.08.01 21:30:19 | 000,093,212 | ---- | M] () -- C:\Users\***\Desktop\deckenschalung.jpg [2010.08.01 21:27:30 | 000,090,354 | ---- | M] () -- C:\Users\***\Desktop\materialliste.jpg [2010.08.01 21:22:05 | 000,076,905 | ---- | M] () -- C:\Users\***\Desktop\schalplan.jpg [2010.08.01 20:17:44 | 000,000,135 | ---- | M] () -- C:\Windows\ODBC.INI [2010.07.31 12:07:49 | 000,183,296 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.28 21:54:18 | 000,115,624 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT [2010.07.28 15:38:19 | 000,169,775 | ---- | M] () -- C:\Users\***\Desktop\fulltext.pdf [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.08.27 12:18:01 | 3219,169,280 | -HS- | C] () -- C:\hiberfil.sys [2010.08.27 10:49:43 | 000,000,162 | -H-- | C] () -- C:\Users\***\Desktop\~$100817_Handbuch ECE_v.01_korrektur und links eingefügt.doc [2010.08.25 19:07:54 | 000,000,912 | ---- | C] () -- C:\Users\***\Desktop\SimCity 4 - Verknüpfung.lnk [2010.08.24 09:29:00 | 021,757,440 | ---- | C] () -- C:\Users\***\Desktop\20100817_Handbuch ECE_v.01_korrektur und links eingefügt.doc [2010.08.24 08:27:36 | 000,132,686 | ---- | C] () -- C:\Users\***\Desktop\Bürokühlung_SRE.ppt.zip [2010.08.23 17:52:23 | 021,775,360 | ---- | C] () -- C:\Users\***\Desktop\20100817_Handbuch ECE_v.01.doc [2010.08.18 13:58:51 | 000,001,461 | ---- | C] () -- C:\Users\Public\Desktop\Rise of Nations Gold.lnk [2010.08.16 14:40:07 | 000,028,389 | ---- | C] () -- C:\Users\***\Desktop\Mahnung Majolika.docx [2010.08.15 20:08:32 | 000,010,403 | ---- | C] () -- C:\Users\***\Desktop\Diplomschnitt.xlsx [2010.08.13 18:31:37 | 000,009,852 | ---- | C] () -- C:\Users\***\Desktop\Neues Textdokument - Editor.pdf [2010.08.10 15:18:29 | 000,383,556 | ---- | C] () -- C:\Users\***\Desktop\VT_2009-H_gesamt_oL.pdf [2010.08.08 22:03:54 | 000,162,404 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt.pdf [2010.08.05 09:30:40 | 001,152,334 | ---- | C] () -- C:\Users\***\Desktop\BVT_2009_Fr_mit_Teilloesungen.pdf [2010.08.05 09:30:23 | 001,015,292 | ---- | C] () -- C:\Users\***\Desktop\BVT_2008_He_mit_Teilloesungen.pdf [2010.08.04 20:29:19 | 000,001,874 | ---- | C] () -- C:\Users\***\Desktop\HijackThisffff.lnk [2010.08.04 20:17:55 | 000,000,738 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 13:45:53 | 394,544,788 | ---- | C] () -- C:\Users\***\Desktop\vt.pdf [2010.08.02 12:48:02 | 022,431,337 | ---- | C] () -- C:\Users\***\Desktop\st.pdf [2010.08.02 11:07:25 | 005,042,689 | ---- | C] () -- C:\Users\***\Desktop\kaimauern.pdf [2010.08.01 21:30:47 | 000,023,158 | ---- | C] () -- C:\Users\***\Desktop\deckenschalung_materialliste.jpg [2010.08.01 21:30:19 | 000,093,212 | ---- | C] () -- C:\Users\***\Desktop\deckenschalung.jpg [2010.08.01 21:26:16 | 000,090,354 | ---- | C] () -- C:\Users\***\Desktop\materialliste.jpg [2010.08.01 21:22:05 | 000,076,905 | ---- | C] () -- C:\Users\***\Desktop\schalplan.jpg [2010.07.28 15:38:19 | 000,169,775 | ---- | C] () -- C:\Users\***\Desktop\fulltext.pdf [2009.08.18 21:27:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2008.10.18 18:26:39 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini [2008.10.18 18:26:35 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI [2008.10.18 18:26:10 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini [2008.10.18 18:26:02 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll [2008.10.18 18:25:42 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI [2008.10.18 18:25:40 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll [2008.10.18 18:25:12 | 000,006,235 | ---- | C] () -- C:\Windows\HCWPNP.INI [2008.09.07 23:41:16 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2008.09.07 23:41:15 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2008.09.07 23:27:14 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008.07.23 18:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.06.02 14:01:51 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2008.06.02 13:54:23 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2008.05.16 02:41:54 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007.10.30 10:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll < End of report > ________________________________________________________________ OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.08.2010 12:29:56 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18943) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,73 Gb Total Space | 1,12 Gb Free Space | 0,50% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 666,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS I: Drive not present or media not loaded Computer Name: R2D2-MOBIL Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) .scr [@ = scrfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 1 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPStream -- File not found "C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate -- File not found "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{104C3C4C-17A4-4B19-B4E6-3E2DC7D946E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{15187DF4-CD95-4765-B5A2-352A6A20B994}" = lport=10243 | protocol=6 | dir=in | app=system | "{1B5C8A37-4C89-45BA-95D5-F696D846009E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2BD4D4A8-6196-4FB9-B9C9-E79825D106BB}" = lport=445 | protocol=6 | dir=in | app=system | "{3B2D4B29-7A93-45BC-BD4D-3C6B8A7BC795}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{3DBBD55F-6BB0-43F5-92F4-03FD78272F52}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{41003DFB-9B43-49B1-B836-13B12A8F842A}" = rport=445 | protocol=6 | dir=out | app=system | "{41F93A8F-BCC1-4B01-9B92-FBE09266F300}" = lport=137 | protocol=17 | dir=in | app=system | "{57A90A9D-3D60-4BC3-A02D-CC1F37E55204}" = lport=138 | protocol=17 | dir=in | app=system | "{59180346-251C-41D4-83E3-5B18CB5B039E}" = lport=2869 | protocol=6 | dir=in | app=system | "{770400C2-7E68-42A8-903A-6CA143FF8232}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8535C21C-B922-4412-8F12-F731DC10C83F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{853D1726-E8CA-4310-A5ED-96CA050C4D21}" = rport=137 | protocol=17 | dir=out | app=system | "{8E1F9408-EBC6-4BCF-8DED-697DF977DEC5}" = rport=10243 | protocol=6 | dir=out | app=system | "{8EAABC88-2CE6-4EBA-B0C4-B48C0FD95763}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{980EA556-8462-4116-BBF1-8B59CBA23F5B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{99DE6541-6B88-452C-A95A-9C83A83F2D82}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A60DFA07-C487-4DA8-A1ED-B10A0FA76411}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{AB97CE77-D2BB-4BE5-9797-4FE7C46B46AB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B252C216-0A1B-4277-B732-B0B52F35BD38}" = rport=138 | protocol=17 | dir=out | app=system | "{B56D49B0-54FB-4906-AEE9-A9A3B09D8651}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B67B7AD3-8E81-4E21-BBC4-BB75E2480499}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D15A85B7-0D2B-4975-88CF-0A3C74100BD8}" = rport=139 | protocol=6 | dir=out | app=system | "{E2A20D64-FDE5-447D-A61B-669E678A48FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E5EB70F4-555D-4A8B-B122-55A7D9E063DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EAB1DB04-BB67-4FD9-AA38-29CD6FA7827D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{EC334FFB-1047-4D89-ABE3-E97E9FF77A71}" = lport=139 | protocol=6 | dir=in | app=system | "{F7B7EBA6-FD32-4A89-9995-E69CE4DDBC96}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{012363DF-F96E-4CA4-98BB-0944CA65CFDC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{02C65070-3525-42C9-A01A-CF62B7A6E415}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{0A40320C-1E70-4A06-AA55-E9CA3029F51A}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{11A31468-BF42-412A-89EB-FA0193E2DBE6}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{1DBC8812-71BC-4BF4-B3DF-D4A36646158C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{27788C40-0743-4BA7-993C-7B0D41B07E70}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{313999CD-87D5-4D29-909A-2DA13A908C14}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{42851326-C61A-4745-83C5-8DCA6904AE92}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{45AAE780-399A-462F-BFB0-A97077FFB919}" = protocol=6 | dir=in | app=c:\programme\itunes\itunes.exe | "{46E83316-A770-46BB-A13E-D806F703FD6F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{4B00A727-C0E6-4AB7-94A6-DBC29F9118BA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4E5F8CDD-7F5B-4238-A101-D9FAD90AD2BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4E777985-B31B-48BA-8B1F-294E2457334B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{523CAC92-1CBB-4F04-BCDE-D5E94C285B16}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{56AF32A8-17E9-4A75-BDB3-82B70D07747E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{623E4900-E04B-47AF-8726-E92E716964A3}" = protocol=17 | dir=in | app=c:\programme\itunes\itunes.exe | "{6BC8358D-45C6-4E67-9F1F-A2D3911566BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{70E16976-3BA9-4B8A-B676-5E350A76F544}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{722A4939-A4B6-42A5-AD63-A02CB1DF4E8B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{73B65D27-1135-4479-A51C-F1F8F2713B23}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{90AAC9D8-450E-4E52-B145-A6F1255600A1}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{92F965FE-0906-4C8C-9197-4A3023D6F1C0}" = protocol=17 | dir=in | app=c:\spiele\ron\thrones.exe | "{95721BDB-4217-4F23-9C00-1A3B2F785BDB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9ACB156C-544C-4922-94A0-D26C3F22A8DD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9EB956D6-3F0D-4028-AC67-03085F0949CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A43831A7-5289-438C-9388-38F81236F97F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{A458B4AB-3C94-4A18-9F30-1F5A815AE229}" = protocol=6 | dir=in | app=c:\spiele\ron\thrones.exe | "{B0D6A118-8B54-4815-9C05-4BE8E552DD77}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BFF70ABF-9E25-4C3C-9297-BF40690C2F7E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{C91FE5AC-A7DA-4EDF-A5E8-471C70EBCEC2}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe | "{CB3168EE-93B7-45D9-A73B-26AF5ECBF11A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CCB83343-CB43-4EC8-A5EE-C94C4A19DE0B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{D25DC55E-61DF-476F-ADAC-1EB92AE5A6DB}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe | "{D2E4EB22-EB00-498D-818C-C697271A7FD1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{E02F906B-350D-44F4-AFCE-D2A2D7C5972B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F2DAC94C-F492-41F6-AC1B-8D9375CBCF54}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F5D3EAE8-8804-4872-A7BB-0EF9EFA1BFCE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{F6C3740E-AB66-45B2-9CD9-208194A1D70F}" = protocol=6 | dir=out | app=system | "TCP Query User{009CDC78-8C32-4BFA-AD14-5A2FA4842C71}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{098B453D-0D84-4A61-B917-9A61A32DC82D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{09FF273E-A1D2-42A8-AFF8-92B7A8C183D2}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | "TCP Query User{0CFA9FFF-88C2-4626-91D3-CE6DC01D8173}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{276C50EB-4495-46DF-8576-A440345B5761}C:\users\***\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\google\chrome\application\chrome.exe | "TCP Query User{5856E4DE-CB2B-4A46-9FA2-38A574671D91}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{5B2C93AB-BE33-40AB-8267-7D1ABA63BC93}C:\program files\ppstream\ppstream.exe" = protocol=6 | dir=in | app=c:\program files\ppstream\ppstream.exe | "TCP Query User{6A397CB3-4DEC-461F-B298-1F04D52D5CF9}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{7875156A-56A8-4581-9D02-F8177957E9D7}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "TCP Query User{9AC4E422-AD02-43DB-A8B3-9DA826EC11B1}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{9C730229-20DD-415C-B2C3-92A49F5FEEE9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{A6F75A99-7576-43ED-A9D3-6536BF70A24C}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{B274B391-B1D8-4FFA-AD35-0942030C9D53}C:\program files\electronic arts\alarmstufe rot 3\data\ra3_1.4.game" = protocol=6 | dir=in | app=c:\program files\electronic arts\alarmstufe rot 3\data\ra3_1.4.game | "TCP Query User{B42E34C5-BBB0-453E-8069-02DAB339AC8A}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | "TCP Query User{BA223CC9-86DA-4232-9E5D-8E7A16FA98B2}C:\users\***\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\users\***\sopcast\adv\sopadver.exe | "TCP Query User{C2F351BF-B9F7-437C-A88C-D1EFCFAF0B2A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{C9B76040-2486-4628-BB26-E32BCA5A1099}C:\users\***\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\users\***\sopcast\sopcast.exe | "TCP Query User{D88B7EF5-5D30-4E65-8D3B-D687A89D50FD}C:\program files\ppmate\ppmnet.exe" = protocol=6 | dir=in | app=c:\program files\ppmate\ppmnet.exe | "TCP Query User{D919A57B-F276-4E89-847D-69FF93676AB2}C:\users\***\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\users\***\sopcast\sopcast.exe | "UDP Query User{0925E606-DF4A-4E46-85D5-37D130F659F1}C:\users\***\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\users\***\sopcast\sopcast.exe | "UDP Query User{0A4C3C6A-6417-4C40-A300-0A4CE9E73E8E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{10A8A3D2-D632-4C24-A1C7-6ABFC8B10C9F}C:\users\***\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\users\***\sopcast\adv\sopadver.exe | "UDP Query User{153EA763-31EC-4231-8195-6BCCB62837C4}C:\program files\ppstream\ppstream.exe" = protocol=17 | dir=in | app=c:\program files\ppstream\ppstream.exe | "UDP Query User{15A69D52-2855-43B1-BBC8-D039FD5D2524}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{3807B4C1-0CF5-4AA1-9CE7-BE4224E2A42F}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{6AD58473-61C5-4AFB-B092-AEFE4D70F6B7}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{88537F10-B0B2-4766-881F-4FE14E88F6BD}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{9629EDD4-DD82-40C9-84B2-3985CFAD7AD5}C:\users\***\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\google\chrome\application\chrome.exe | "UDP Query User{A54DBE8D-FAC4-41E4-8996-B4FD7F3E4D27}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | "UDP Query User{A64E003E-F031-43B4-A45E-4166EAB01AD9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{ACF25366-99BE-4748-AF15-C4FDFD6E9292}C:\program files\ppmate\ppmnet.exe" = protocol=17 | dir=in | app=c:\program files\ppmate\ppmnet.exe | "UDP Query User{AF67F7D3-EAF8-46B6-9602-F3E82C4D5E7C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{C1C3BD80-8386-43E7-96AF-522077F8F683}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | "UDP Query User{C4C6C36C-A4C5-4A2D-8A17-BC076B16532A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{D009BB29-D4C6-4372-9484-980FDBCF6906}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{DA9F8E20-C366-44C7-B646-1E0E27F32601}C:\users\***\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\users\***\sopcast\sopcast.exe | "UDP Query User{E9366FE8-346C-4571-A5CD-FE550D744121}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{F8F81952-EA8A-473B-A57F-C2B3D7E70E61}C:\program files\electronic arts\alarmstufe rot 3\data\ra3_1.4.game" = protocol=17 | dir=in | app=c:\program files\electronic arts\alarmstufe rot 3\data\ra3_1.4.game | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{01866A44-A697-4821-871F-1CB9F907E8DE}" = OpenOffice.org 2.3 "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{02D63222-CF76-E080-74DD-975B1672ED67}" = Catalyst Control Center Core Implementation "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200 "{0405000A-0570-549A-A819-3BCEEAA1B40B}" = Catalyst Control Center Localization Hungarian "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{06786A53-D2D8-47CD-696A-ABC83625EBFE}" = Catalyst Control Center Graphics Light "{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{14E7357F-487C-3BF6-7955-B898AA76306E}" = CCC Help Russian "{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher "{16D9D199-E8A0-9FBA-DDF3-0E2D7826D694}" = Catalyst Control Center Localization Spanish "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{18C24BF9-3B71-6F89-848C-D78C40197216}" = CCC Help Chinese Traditional "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1974FF16-2A0A-76AF-D948-0037B0CB8EB5}" = CCC Help Hungarian "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1E87F957-F850-D9F9-60F3-842955AAF519}" = Catalyst Control Center Localization German "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{20140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 (Beta) "{20140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 (Beta) "{20140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 (Beta) "{20140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 (Beta) "{20140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 (Beta) "{20140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 (Beta) "{20140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 (Beta) "{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta) "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta) "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta) "{20140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 (Beta) "{20140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 (Beta) "{20140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 (Beta) "{20140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 (Beta) "{20140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 (Beta) "{20140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 (Beta) "{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO "{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting "{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15 "{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager "{2C3D71B4-85C4-5FA9-859E-1413F94EF642}" = Catalyst Control Center Localization Greek "{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D "{310395F2-9206-159B-43B0-BF63D9F01B61}" = Catalyst Control Center Localization Turkish "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network "{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0 "{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07 "{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{43DA617D-1B80-0B70-FAA0-52AFCE853F40}" = CCC Help Finnish "{4742375A-9BD3-46D0-E0CC-A8819D2E2C54}" = CCC Help Greek "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4BB5D5A7-F75E-D8D9-0DF8-AA2C1F188CEB}" = Catalyst Control Center Localization French "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox "{4FCBFEDD-0CBF-A4A8-79D3-E9EAD37336C9}" = CCC Help Chinese Standard "{54C91EE3-65B9-A931-8382-12B2A02709F8}" = ATI Catalyst Install Manager "{5511F0CC-59E0-02AD-941F-2323DA2BB377}" = CCC Help Swedish "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{5783F2D7-6004-0409-0000-0060B0CE6BBA}" = AutoCAD Architecture 2008 "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5A29796D-2566-3ADA-043D-28C51CD7D4C3}" = Catalyst Control Center Localization Chinese Standard "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = "{5D803295-DD78-0143-F64B-0D80852C43E9}" = CCC Help Italian "{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help "{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{61FD2585-3337-8822-899B-68612742BA2F}" = Catalyst Control Center Localization Russian "{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6C7196C0-D205-03E7-39A1-7A23AB69F659}" = CCC Help Czech "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70D43D66-53BF-257F-72FC-96FB33B39276}" = Catalyst Control Center Graphics Full New "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{723F5CDD-839A-FF16-4CFA-C4E0AA54A315}" = ccc-core-static "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{73BD4567-1C4E-8D45-1D28-3D469026A883}" = Skins "{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting "{761205A9-41DC-48C9-2CC1-F197D372DBEF}" = Catalyst Control Center Localization Italian "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects "{7E5DEF65-FE91-02F2-C291-22741AC34017}" = Catalyst Control Center Localization Danish "{826E7114-AA2E-59AA-1916-2A753DC49153}" = ccc-utility "{8299B94E-7F85-65A9-B0FA-6F6A8A6D4FBD}" = Catalyst Control Center Localization Thai "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8626472F-7AD7-C83B-66FA-00E0A1C50A26}" = Catalyst Control Center Localization Swedish "{8662A65A-A2A1-072C-708D-1C1262776F6A}" = CCC Help Thai "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C3CD8CF-7012-51E5-107B-5A8C75701E1A}" = CCC Help Dutch "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00 "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{918CFAF6-AC40-F2C8-C044-7FA95C8A7099}" = CCC Help German "{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music "{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins "{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library "{A55A277A-4336-FACF-991A-52B51B8FAE78}" = Catalyst Control Center Localization Finnish "{A5D54806-AA49-BBFF-A2D3-76FA3DF096FA}" = Catalyst Control Center Localization Korean "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AAE442C0-F28B-8D58-1A1C-D566F9BCD294}" = Catalyst Control Center Localization Portuguese "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B6B0D277-D003-307F-CF94-5F5894DFA3F1}" = Catalyst Control Center Graphics Full Existing "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4 "{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX "{BC653BB7-0AF0-22E5-A895-902AD52675CA}" = CCC Help Portuguese "{BCEABBD6-6EDA-4246-7EDB-D68FCCD78A65}" = Catalyst Control Center Graphics Previews Common "{BDD17603-CB75-0639-E6DA-0D9AA92A605B}" = CCC Help English "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{BF5F6A06-0FC3-BEC0-9CC1-54D870A9EF97}" = Catalyst Control Center Localization Chinese Traditional "{C221CE66-9C07-8EA7-8EF6-AAD8E4588AE0}" = CCC Help French "{C455F37C-E92E-5CEB-382D-8B8EC580266F}" = Catalyst Control Center Localization Norwegian "{C6F150F6-AE89-30C7-6256-C40CF9328602}" = Catalyst Control Center Graphics Previews Vista "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B "{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding "{CBAE1EE5-F6E0-BDEF-0D49-C2AE46BE3B88}" = CCC Help Polish "{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc "{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D3AF5596-546F-5975-39B4-259A197C7E24}" = Catalyst Control Center Localization Japanese "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus "{DDF57E4A-66B5-E9CC-C2A2-F2C98C57912C}" = CCC Help Turkish "{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager "{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software "{E27D2C9F-83A1-A34C-E366-26EADB9270F7}" = Catalyst Control Center Localization Dutch "{E2E7667F-C286-D110-7F9D-FC397A2607A8}" = CCC Help Danish "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0 "{E7821540-B8F8-304F-1B97-C43D8582EB18}" = CCC Help Norwegian "{E8CA49A5-25C6-D80A-ED46-9D48A8B5D5F5}" = CCC Help Japanese "{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{F06300A2-87AE-042F-DE0F-1A5E380877C5}" = Catalyst Control Center Localization Czech "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1568757-E564-4cb5-8980-9333119A4384}" = F300 "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F20E6529-0B46-FC26-378F-62CD640A98C4}" = Catalyst Control Center Localization Polish "{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null "{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = "{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb "{F754B561-ACAD-A3FA-AF54-3E5F9E662B04}" = CCC Help Korean "{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates "{F8821B6D-B6C9-E676-9B7D-3269F36A1769}" = CCC Help Spanish "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime "{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Standard "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "Audiograbber" = Audiograbber 1.83 SE "AutoCAD Architecture 2008" = ELPOS 2008 "AVG9Uninstall" = AVG Free 9.0 "CCleaner" = CCleaner (remove only) "ClassicPro" = ClassicPro© v1.14 "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "Drakensang_is1" = Drakensang "DScaler 4.1.15_is1" = DScaler 4.1.15 "dt icon module" = "EuroSchal DEMO für Windows" = EuroSchal® 2004 DEMO für Windows "FLV Player" = FLV Player 2.0 (build 25) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3 "Free FLV Converter_is1" = Free FLV Converter V 6.6.4 "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5 "Google Desktop" = Google Desktop "gtfirstboot Setting Request" = "Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources "Hauppauge WinTV" = Hauppauge WinTV "Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service "Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote "Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler "Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPOCR" = HP OCR Software 8.0 "InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00 "InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MarketingTools" = Vaio Marketing Tools "MFU Module" = "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MPE" = MyPhoneExplorer "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "PremElem40" = Adobe Premiere Elements 4.0 "PremElem40Templates" = Adobe Premiere Elements 4.0 Templates "ProInst" = Intel PROSet Wireless "RiseOfNationsExpansion 1.0" = Rise of Nations "SopCast" = SopCast 3.0.3 "SurfMusik 3.1a_is1" = SurfMusik 3.1a "TVUPlayer" = TVUPlayer 2.5.0.1 "Uninstall_is1" = Uninstall 1.0.0.1 "VAIO Help and Support" = "VAIO_My Club VAIO" = My Club VAIO "Veetle TV" = Veetle TV 0.9.17 "VLC media player" = VLC media player 0.9.9 "VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German) "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.6 "WinRAR archiver" = WinRAR "Zattoo" = Zattoo 3.3.4 Beta ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent DNA" = DNA "Facebook Plug-In" = Facebook Plug-In "Google Chrome" = Google Chrome "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 21.02.2010 07:41:44 | Computer Name = r2d2-mobil | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 21.02.2010 07:41:47 | Computer Name = r2d2-mobil | Source = WinMgmt | ID = 10 Description = Error - 21.02.2010 12:25:52 | Computer Name = r2d2-mobil | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 21.02.2010 12:25:54 | Computer Name = r2d2-mobil | Source = WinMgmt | ID = 10 Description = Error - 22.02.2010 06:55:08 | Computer Name = r2d2-mobil | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 22.02.2010 06:55:13 | Computer Name = r2d2-mobil | Source = WinMgmt | ID = 10 Description = Error - 22.02.2010 19:47:10 | Computer Name = r2d2-mobil | Source = EventSystem | ID = 4621 Description = Error - 23.02.2010 05:18:03 | Computer Name = r2d2-mobil | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 23.02.2010 05:18:08 | Computer Name = r2d2-mobil | Source = WinMgmt | ID = 10 Description = Error - 23.02.2010 11:58:01 | Computer Name = r2d2-mobil | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) [ System Events ] Error - 27.08.2010 04:32:42 | Computer Name = r2d2-mobil | Source = DCOM | ID = 10005 Description = Error - 27.08.2010 04:32:40 | Computer Name = r2d2-mobil | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Error - 27.08.2010 04:32:53 | Computer Name = r2d2-mobil | Source = DCOM | ID = 10005 Description = Error - 27.08.2010 04:32:55 | Computer Name = r2d2-mobil | Source = DCOM | ID = 10005 Description = Error - 27.08.2010 04:33:13 | Computer Name = r2d2-mobil | Source = DCOM | ID = 10005 Description = Error - 27.08.2010 04:33:20 | Computer Name = r2d2-mobil | Source = Service Control Manager | ID = 7001 Description = Error - 27.08.2010 04:33:20 | Computer Name = r2d2-mobil | Source = Service Control Manager | ID = 7001 Description = Error - 27.08.2010 04:33:20 | Computer Name = r2d2-mobil | Source = Service Control Manager | ID = 7026 Description = Error - 27.08.2010 04:50:11 | Computer Name = r2d2-mobil | Source = DCOM | ID = 10005 Description = Error - 27.08.2010 06:19:05 | Computer Name = r2d2-mobil | Source = Service Control Manager | ID = 7000 Description = < End of report > |
27.08.2010, 12:38 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | av security suite, gelöscht nach anleitung, jetzt alles in ordnung ? Malwarebytes wurde schon ausgeführt? Wenn ja, bitte ale Logs davon posten. Alle!
__________________
__________________ |
30.08.2010, 09:46 | #3 |
| av security suite, gelöscht nach anleitung, jetzt alles in ordnung ? ja wurde schon ausgeführt:
__________________Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4488 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 8.0.6001.18943 27.08.2010 12:14:55 mbam-log-2010-08-27 (12-14-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 365280 Laufzeit: 1 Stunde(n), 21 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 15 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nwoasermcx.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gmvderlh (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Users\gerald.kremer\AppData\Local\Temp\nwoasermcx.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VBX57SI\dhojrcwrm[2].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VBX57SI\newsecureapp70700[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VBX57SI\newsecureapp70700[2].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VBX57SI\pgaiqxwq[2].htm (Fake.Regedit) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHXJKXHE\dhojrcwrm[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHXJKXHE\izqlfr[1].htm (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHXJKXHE\qhysq[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHYDFQBN\izqlfr[1].htm (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHYDFQBN\nezgb[1].htm (Rootkit.Bubnix) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHYDFQBN\pgaiqxwq[1].htm (Fake.Regedit) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHYDFQBN\qhysq[2].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Local\Windows\winhelp.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Roaming\9E09CC870FB79C9E36090C8881B11351\newsecureapp70700.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gerald.kremer\AppData\Roaming\vqdshxaam\istrsjgshdw.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully. |
30.08.2010, 14:30 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | av security suite, gelöscht nach anleitung, jetzt alles in ordnung ? Ist ja schon etwas her. Mach mal bitte ein Update mit Malwarebytes und einen weiteren Vollscan.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu av security suite, gelöscht nach anleitung, jetzt alles in ordnung ? |
0 bytes, 32 bit, acroiehelper.dll, audiograbber, avg free, bho, bonjour, components, converter, corp./icp, data restore, desktop, document, error, excel, firefox, firefox.exe, flash player, fontcache, google, google chrome, hijack, home, home premium, iastor.sys, iexplore.exe, install.exe, intranet, local\temp, location, logfile, mahnung, microsoft office word, mozilla, mp3, norman, nvstor.sys, officejet, oldtimer, otl.exe, picasa, plug-in, programdata, realtek, recycle, registry, saver, searchplugins, security, shell32.dll, skype.exe, software, sptd.sys, svchost.exe, torrent.exe, trojaner, trojaner board, vista, vlc media player, wma |