| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win32.Agent.fbx auf dem RechnerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.09.2010, 19:58
| #1 |
| |  Win32.Agent.fbx auf dem Rechner Hallo.. ich habe heute mit Spybot einen Suchdurchlauf gemacht und festgestellt, dass ich einen Win32.Agent.fbx Trojaner auf meinem Rechner habe. Gemerkt, dass etwas nicht stimmt habe ich, nachdem "www.google.de" nicht mehr funktionierte und mein Firefox ständig abgestürzt ist. Spybot Bericht: Win32.Agent.fbx: [SBI $86BD92BA] Einstellungen (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ullbiaf --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) --- 2009-01-26 blindman.exe (1.0.0.8) 2009-01-26 SDFiles.exe (1.6.1.7) 2009-01-26 SDMain.exe (1.0.0.6) 2009-01-26 SDShred.exe (1.0.2.5) 2009-01-26 SDUpdate.exe (1.6.0.12) 2009-01-26 SDWinSec.exe (1.0.0.12) 2009-01-26 SpybotSD.exe (1.6.2.46) 2009-01-26 TeaTimer.exe (1.6.4.26) 2010-09-12 unins000.exe (51.49.0.0) 2009-01-26 Update.exe (1.6.0.7) 2009-01-26 advcheck.dll (1.6.2.15) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2009-01-26 SDHelper.dll (1.6.2.14) 2008-06-19 sqlite3.dll 2009-01-26 Tools.dll (2.1.6.10) 2009-01-16 UninsSrv.dll (1.0.0.0) 2010-06-29 Includes\Adware.sbi (*) 2010-08-24 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2009-11-03 Includes\Dialer.sbi (*) 2010-07-27 Includes\DialerC.sbi (*) 2010-01-25 Includes\HeavyDuty.sbi (*) 2009-05-26 Includes\Hijackers.sbi (*) 2010-07-27 Includes\HijackersC.sbi (*) 2010-06-02 Includes\iPhone.sbi (*) 2010-08-02 Includes\Keyloggers.sbi (*) 2010-08-31 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2010-06-01 Includes\Malware.sbi (*) 2010-09-07 Includes\MalwareC.sbi (*) 2010-05-18 Includes\PUPS.sbi (*) 2010-07-20 Includes\PUPSC.sbi (*) 2010-01-25 Includes\Revision.sbi (*) 2009-01-13 Includes\Security.sbi (*) 2010-07-27 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2010-06-29 Includes\Spyware.sbi (*) 2010-07-27 Includes\SpywareC.sbi (*) 2010-03-08 Includes\Tracks.uti 2010-08-04 Includes\Trojans.sbi (*) 2010-07-28 Includes\TrojansC-02.sbi (*) 2010-07-28 Includes\TrojansC-03.sbi (*) 2010-07-28 Includes\TrojansC-04.sbi (*) 2010-09-07 Includes\TrojansC-05.sbi (*) 2010-08-16 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll Ich benutze WinVista. Ich habe schon ein paar Beiträge gelesen, die Anleitungen zum Entfernen jedoch nicht wirklich verstanden. Reicht es, wenn ich beispielsweise "SuperAntiSpyware" oder "AntiMalware" laufen lasse? Da ich eher wenig Ahnung von Computern habe, wäre ich über Hilfe sehr froh. Sollten noch irgendwelche Infos fehlen, bitte einfach fragen.. Danke Kia |
|
13.09.2010, 06:53
| #2 | ||
| /// Helfer-Team    | Win32.Agent.fbx auf dem Rechner Hallo und Herzlich Willkommen!
__________________ Zitat:
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
2. poste erneut: Trend Micro HijackThis-Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! 3. Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken: System-Dateien und -Ordner unter XP und Vista sichtbar machen Am Ende unserer Arbeit, kannst wieder rückgängig machen! 4. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. 5. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool "Ccleaner" herunter installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
Coverflow |
|
13.09.2010, 23:35
| #3 |
| | Win32.Agent.fbx auf dem Rechner Ersteinmal Danke für die schnelle Hilfe.
__________________Ich habe nun einige Programme durchlaufen lassen und meinen Laptop geprüft. Das vorgeschlagene Programm "Anti Malware" hat keine Bedrohung angezeigt, deshalb habe ich eine ähnliche Version herunter geladen und nochmals einen vollständigen Test durchführen lassen. "Emisisoft Anti Malware" Bericht: Code:
ATTFilter Emsisoft Anti-Malware - Version 5.0
Letztes Update: 13.09.2010 17:22:00
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Speicher, Traces, Cookies, C:\, D:\
Archiv Scan: An
Heuristik: Aus
ADS Scan: An
Scan Beginn: 13.09.2010 20:25:19
[3012] C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe gefunden: AdWare.Adware!IK
c:\program files\FunkyEmoticons gefunden: Trace.Directory.Funky Emoticons!A2
c:\program files\FunkyEmoticons\download gefunden: Trace.Directory.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons gefunden: Trace.Directory.Funky Emoticons!A2
c:\programdata\microsoft\windows\start menu\programs\FunkyEmoticons gefunden: Trace.Directory.Funky Emoticons!A2
c:\users\saskia\appdata\roaming\FunkyEmoticons gefunden: Trace.Directory.Funky Emoticons!A2
c:\users\saskia\appdata\roaming\FunkyEmoticons\Userdata gefunden: Trace.Directory.Funky Emoticons!A2
c:\program files\FunkyEmoticons\AssertX.dll gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\FunkyEmoticons.exe gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\FunkyEmoticonsDll.dll gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\appconfig.xml gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btn.rgn gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnBnr.rgn gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnIn.rgn gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnInNormal.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnInOver.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnNormal.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnNormal.gif gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnNormalBnr.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnNormalBnr.gif gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnOver.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnOver.gif gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnOverBnr.bmp gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\btnOverBnr.gif gefunden: Trace.File.Funky Emoticons!A2
c:\program files\FunkyEmoticons\resourcesemoticons\funkyemoticons_translation_file.xml gefunden: Trace.File.Funky Emoticons!A2
c:\programdata\microsoft\windows\start menu\programs\FunkyEmoticons\FunkyEmoticons.lnk gefunden: Trace.File.Funky Emoticons!A2
c:\programdata\microsoft\windows\start menu\programs\FunkyEmoticons\Website.url gefunden: Trace.File.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> _status gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> ApplicationVersionInstall gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> dl_browser gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> dl_lg gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> grpid gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> installdt gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-3582155803-2563737378-4168501966-1003\Software\FunkyEmoticons --> Language gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> ApplicationVersionInstall gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> dl_browser gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> dl_lg gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> grpid gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> installdt gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\FunkyEmoticons --> Language gefunden: Trace.Registry.Funky Emoticons!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> funkyemoticons gefunden: Trace.Registry.Funky Emoticons!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1223739118135801 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1223822608840802 gefunden: Trace.TrackingCookie.www.zanox-affiliate.de!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1229368760207400 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1230136908373800 gefunden: Trace.TrackingCookie.tfag.de!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1232387255717000 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1233652878056000 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1234116515200001 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1234808023481401 gefunden: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1236338181870800 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1238010341836000 gefunden: Trace.TrackingCookie.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1238010345725000 gefunden: Trace.TrackingCookie.ad.71i.de!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1238344371190400 gefunden: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1239727860306893 gefunden: Trace.TrackingCookie.zbox.zanox.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1248953623452000 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1248953633036000 gefunden: Trace.TrackingCookie.ads.heias.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1249597969772000 gefunden: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1257684613700200 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1257684615366200 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1257684615392200 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1265066094577000 gefunden: Trace.TrackingCookie.track.effiliation.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1269119873380000 gefunden: Trace.TrackingCookie.s2.trafficmaxx.de!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1269845088637000 gefunden: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1270062964495000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1270062966286000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1270062966290000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1273333917643000 gefunden: Trace.TrackingCookie.track.effiliation.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1273835458695002 gefunden: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1274043184058013 gefunden: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1274043184059002 gefunden: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1274043184059005 gefunden: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1276680469961000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1276680470308000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1278258453778000 gefunden: Trace.TrackingCookie.count!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1278340456120000 gefunden: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1278340456120001 gefunden: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1278340456136000 gefunden: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1279044716227000 gefunden: Trace.TrackingCookie.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1279044754983000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1279806626373000 gefunden: Trace.TrackingCookie.www.zanox-affiliate.de!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280170913879000 gefunden: Trace.TrackingCookie.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280333745444000 gefunden: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280516207174000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280516212066006 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280611066655000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280611982752000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280689170570000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1280780238305000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1282135519964000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1282377722062000 gefunden: Trace.TrackingCookie.eas4.emediate.eu!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1282488543045000 gefunden: Trace.TrackingCookie.webtrends!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1282488543484000 gefunden: Trace.TrackingCookie.webtrends!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1282680886318000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283010795333000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283011233332000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283022616136000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283023354533000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283083162331000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283110508374000 gefunden: Trace.TrackingCookie.adserv!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1283634674758000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284302480677000 gefunden: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284314846075000 gefunden: Trace.TrackingCookie.doubleclick.net!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284315638902001 gefunden: Trace.TrackingCookie.ad.zanox.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284315862945001 gefunden: Trace.TrackingCookie.adfarm1.adition.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284322165882000 gefunden: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Saskia\AppData\Roaming\Mozilla\Firefox\Profiles\ihsgxk7t.default\cookies.sqlite:1284322165883000 gefunden: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Saskia\AppData\Local\bkdqdnas.exe gefunden: Trojan.Win32.Hrup!IK
C:\Users\Saskia\Documents\LimeWire\Saved\lowenzahn [very good quality].snd gefunden: Trojan-Downloader.WMA.GetCodec!IK
C:\Users\Saskia\Downloads\7_sins_tr.zip/pztrain.exe gefunden: Virus.Win32.Trojan!IK
Gescannt
Dateien: 456365
Traces: 621426
Cookies: 2849
Prozesse: 98
Gefunden
Dateien: 4
Traces: 40
Cookies: 70
Prozesse: 1
Registry Keys: 0
Scan Ende: 14.09.2010 00:05:33
Scan Zeit: 3:40:14
C:\Users\Saskia\Downloads\7_sins_tr.zip/pztrain.exe Quarantäne Virus.Win32.Trojan!IK
C:\Users\Saskia\Documents\LimeWire\Saved\lowenzahn [very good quality].snd Quarantäne Trojan-Downloader.WMA.GetCodec!IK
C:\Users\Saskia\AppData\Local\bkdqdnas.exe Quarantäne Trojan.Win32.Hrup!IK
[3012] C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe Quarantäne AdWare.Adware!IK
Quarantäne
Dateien: 3
Traces: 0
Cookies: 0
|
|
13.09.2010, 23:41
| #4 |
| | Win32.Agent.fbx auf dem Rechner hier ist noch das Ergebnis des hjtscan "Hjscanlist": Code:
ATTFilter $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.0.6001]
C:
13.09.2010 17:36 C:\ProgramData --------- 12288
13.09.2010 17:36 C:\Program Files --------- 32768
13.09.2010 17:10 C:\Windows --------- 40960
C:\hiberfil.sys ---------
C:\pagefile.sys ---------
13.09.2010 17:10 C:\Config.Msi --------- 28672
13.09.2010 17:06 C:\System Volume Information --------- 24576
12.09.2010 19:59 C:\Users --------- 4096
03.12.2008 12:44 C:\MSOffice --------- 4096
23.11.2008 19:48 C:\ARCHITEC --------- 0
08.10.2008 17:02 C:\$Recycle.Bin --------- 0
16.08.2008 15:36 C:\Programme --------- 0
16.08.2008 15:36 C:\Dokumente und Einstellungen --------- 0
06.05.2008 10:15 C:\vcredist_x86.log --------- 425650
22.04.2008 10:45 C:\IO.SYS --------- 0
22.04.2008 10:45 C:\MSDOS.SYS --------- 0
21.04.2008 14:41 C:\MSOCache --------- 0
21.04.2008 09:33 C:\BOOTSECT.BAK --------- 8192
21.04.2008 09:33 C:\Boot --------- 4096
21.04.2008 08:48 C:\Intel --------- 0
21.01.2008 04:32 C:\PerfLogs --------- 0
21.01.2008 04:24 C:\bootmgr --------- 333203
27.12.2007 23:51 C:\VC_RED.MSI --------- 234496
27.12.2007 23:48 C:\VC_RED.cab --------- 1442522
27.12.2007 23:24 C:\eula.1031.txt --------- 15428
07.11.2007 08:03 C:\install.res.1028.dll --------- 76304
07.11.2007 08:03 C:\install.res.1036.dll --------- 97296
07.11.2007 08:03 C:\install.res.1040.dll --------- 95248
07.11.2007 08:03 C:\install.res.1041.dll --------- 81424
07.11.2007 08:03 C:\install.res.1042.dll --------- 79888
07.11.2007 08:03 C:\install.res.2052.dll --------- 75792
07.11.2007 08:03 C:\install.res.3082.dll --------- 96272
07.11.2007 08:03 C:\install.exe --------- 562688
07.11.2007 08:03 C:\install.res.1033.dll --------- 91152
07.11.2007 08:03 C:\install.res.1031.dll --------- 96272
07.11.2007 08:00 C:\eula.1028.txt --------- 17734
07.11.2007 08:00 C:\eula.1033.txt --------- 10134
07.11.2007 08:00 C:\eula.1036.txt --------- 17734
07.11.2007 08:00 C:\globdata.ini --------- 1110
07.11.2007 08:00 C:\eula.3082.txt --------- 17734
07.11.2007 08:00 C:\eula.2052.txt --------- 17734
07.11.2007 08:00 C:\eula.1042.txt --------- 17734
07.11.2007 08:00 C:\eula.1041.txt --------- 118
07.11.2007 08:00 C:\eula.1040.txt --------- 17734
07.11.2007 08:00 C:\vcredist.bmp --------- 5686
07.11.2007 08:00 C:\install.ini --------- 843
02.11.2006 15:02 C:\Documents and Settings --------- 0
18.09.2006 23:43 C:\config.sys --------- 10
18.09.2006 23:43 C:\autoexec.bat --------- 24
----------------------------------------
C:\Windows
13.09.2010 21:32 C:\Windows\WindowsUpdate.log --------- 1861279
13.09.2010 17:10 C:\Windows\bootstat.dat --------- 67584
13.09.2010 17:10 C:\Windows\PFRO.log --------- 138038
16.08.2010 15:42 C:\Windows\cdplayer.ini --------- 215
16.08.2010 13:54 C:\Windows\setupact.log --------- 113032
22.07.2010 18:06 C:\Windows\win.ini --------- 298
24.03.2010 21:43 C:\Windows\MEMORY.DMP --------- 337242340
26.11.2009 01:19 C:\Windows\msxml4-KB973688-enu.LOG --------- 280026
30.09.2009 20:27 C:\Windows\DirectX.log --------- 217537
29.07.2009 10:19 C:\Windows\tsnpstd3.exe --------- 356352
28.07.2009 17:18 C:\Windows\amcap.exe --------- 98304
10.07.2009 13:10 C:\Windows\WLXPGSS.SCR --------- 307568
15.05.2009 17:45 C:\Windows\CISUnins.exe --------- 1680648
15.05.2009 17:45 C:\Windows\CICUnins.exe --------- 1680648
23.01.2009 22:05 C:\Windows\SPInstall.etl --------- 196608
03.12.2008 12:46 C:\Windows\ODBC.INI --------- 400
16.11.2008 16:01 C:\Windows\msxml4-KB954430-enu.LOG --------- 288030
09.11.2008 20:04 C:\Windows\BRPP2KA.INI --------- 27
09.11.2008 20:04 C:\Windows\BRWMARK.INI --------- 425
08.11.2008 19:05 C:\Windows\Brfaxrx.ini --------- 9
08.11.2008 18:14 C:\Windows\brpcfx.ini --------- 93
08.11.2008 18:14 C:\Windows\Brpfx04a.ini --------- 227
29.10.2008 08:29 C:\Windows\explorer.exe --------- 2927104
16.10.2008 16:57 C:\Windows\Irremote.ini --------- 0
22.08.2008 21:31 C:\Windows\DXT5DD8.tmp --------- 0
22.08.2008 21:29 C:\Windows\DXTCD2D.tmp --------- 0
16.08.2008 14:20 C:\Windows\TSSysprep.log --------- 5949
16.08.2008 14:20 C:\Windows\DtcInstall.log --------- 18824
24.06.2008 16:06 C:\Windows\UNNeroMediaHome.exe --------- 972072
06.06.2008 14:54 C:\Windows\UNRecode.exe --------- 972072
13.05.2008 14:19 C:\Windows\KB893803v2.log --------- 2156
12.05.2008 15:45 C:\Windows\NeroDigital.ini --------- 69
06.05.2008 10:11 C:\Windows\dmf.log --------- 177
22.04.2008 10:45 C:\Windows\mgxoschk.ini --------- 6768
22.04.2008 08:27 C:\Windows\msxml4-KB941833-enu.LOG --------- 261250
22.04.2008 08:12 C:\Windows\WISO.INI --------- 381
21.04.2008 15:46 C:\Windows\msxml4-KB936181-enu.LOG --------- 261252
21.04.2008 10:36 C:\Windows\DPINST.LOG --------- 17938
21.04.2008 09:16 C:\Windows\DIFxAPI.dll --------- 319456
21.04.2008 09:16 C:\Windows\HideWin.exe --------- 315392
21.04.2008 09:12 C:\Windows\csup.txt --------- 12
01.04.2008 16:31 C:\Windows\RtHDVCpl.exe --------- 6025216
18.03.2008 15:31 C:\Windows\RTKAUDIOSERVICE.EXE --------- 98304
05.03.2008 18:07 C:\Windows\RtlExUpd.dll --------- 520192
21.01.2008 04:43 C:\Windows\WindowsShell.Manifest --------- 749
21.01.2008 04:24 C:\Windows\regedit.exe --------- 134656
21.01.2008 04:24 C:\Windows\bfsvc.exe --------- 58880
21.01.2008 04:24 C:\Windows\fveupdate.exe --------- 13312
21.01.2008 04:24 C:\Windows\HelpPane.exe --------- 498176
21.01.2008 04:23 C:\Windows\notepad.exe --------- 151040
20.11.2007 18:15 C:\Windows\SkyTel.exe --------- 1826816
14.11.2007 15:18 C:\Windows\USetup.iss --------- 553
07.11.2007 17:31 C:\Windows\RtlUpd.exe --------- 1191936
11.07.2007 16:09 C:\Windows\FixCamera.exe --------- 20480
10.05.2007 13:18 C:\Windows\vsnpstd3.exe --------- 835584
21.03.2007 21:02 C:\Windows\UNNeroVision.exe --------- 972336
20.03.2007 21:22 C:\Windows\UNNeroBackItUp.exe --------- 972336
28.02.2007 16:41 C:\Windows\UNNeroShowTime.exe --------- 972336
02.11.2006 14:52 C:\Windows\setuperr.log --------- 0
02.11.2006 14:47 C:\Windows\SETUPAPI.LOG --------- 94
02.11.2006 14:35 C:\Windows\WMSysPr9.prx --------- 316640
02.11.2006 14:34 C:\Windows\twunk_16.exe --------- 49680
02.11.2006 14:34 C:\Windows\twain_32.dll --------- 50688
02.11.2006 14:34 C:\Windows\twunk_32.exe --------- 31232
02.11.2006 14:34 C:\Windows\twain.dll --------- 94784
02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216
02.11.2006 11:45 C:\Windows\hh.exe --------- 14848
02.11.2006 09:46 C:\Windows\mib.bin --------- 43131
26.10.2006 14:08 C:\Windows\agrsmdel.exe --------- 50752
24.10.2006 16:35 C:\Windows\maxlink.ini --------- 31664
19.09.2006 13:41 C:\Windows\HomePremium.xml --------- 8328
18.09.2006 23:46 C:\Windows\system.ini --------- 219
18.09.2006 23:43 C:\Windows\_default.pif --------- 707
18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192
18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405
23.11.2005 13:55 C:\Windows\csnpstd3.dll --------- 53248
15.09.2005 14:35 C:\Windows\UNNeroMediaHome.cfg --------- 50
30.08.2005 21:37 C:\Windows\UNNeroVision.cfg --------- 50
30.08.2005 21:37 C:\Windows\UNNeroShowTime.cfg --------- 50
30.08.2005 21:36 C:\Windows\UNRecode.cfg --------- 50
30.08.2005 21:33 C:\Windows\UNNeroBackItUp.cfg --------- 50
10.12.2004 17:35 C:\Windows\brunin03.dll --------- 147456
27.02.2004 17:36 C:\Windows\snpstd3.ini --------- 15498
27.02.2004 17:36 C:\Windows\snpstd3.src --------- 13023
21.10.1998 18:43 C:\Windows\IsUn0407.exe --------- 328704
28.03.1996 01:00 C:\Windows\TTEMBED.INI --------- 280
28.03.1996 01:00 C:\Windows\MSTXTCNV.INI --------- 586
28.03.1996 01:00 C:\Windows\MSOFFICE.ACL --------- 7500
28.03.1996 01:00 C:\Windows\MSFNTMAP.INI --------- 2041
----------------------------------------
C:\Windows\System
30.11.2008 14:48 C:\Windows\System\Garait.FOT --------- 1409
30.11.2008 14:48 C:\Windows\System\Garabd.FOT --------- 1409
30.11.2008 14:48 C:\Windows\System\Gara.FOT --------- 1409
30.11.2008 14:48 C:\Windows\System\Bookosb.FOT --------- 1409
30.11.2008 14:48 C:\Windows\System\Arialn.FOT --------- 1409
27.09.2007 15:32 C:\Windows\System\ms.ico --------- 34530
27.09.2007 15:17 C:\Windows\System\sm.ico --------- 37041
27.09.2007 15:12 C:\Windows\System\sd.ico --------- 38660
27.09.2007 15:04 C:\Windows\System\cf.ico --------- 37300
02.08.2007 22:32 C:\Windows\System\DriveIcon.dll --------- 5631520
02.11.2006 14:34 C:\Windows\System\mciwave.drv --------- 28160
02.11.2006 14:34 C:\Windows\System\mciseq.drv --------- 25264
02.11.2006 14:34 C:\Windows\System\avicap.dll --------- 69584
02.11.2006 14:34 C:\Windows\System\avifile.dll --------- 109456
02.11.2006 14:34 C:\Windows\System\mciavi.drv --------- 73376
02.11.2006 14:34 C:\Windows\System\msvideo.dll --------- 126912
02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064
02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704
02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816
02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048
02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992
02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152
02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032
02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176
02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744
02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000
02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120
02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360
18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008
18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944
18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936
18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532
30.06.2004 16:24 C:\Windows\System\MyMulti.ico --------- 5430
28.03.1996 01:00 C:\Windows\System\Arialn.ttf --------- 62016
28.03.1996 01:00 C:\Windows\System\Ariblk.ttf --------- 47700
28.03.1996 01:00 C:\Windows\System\Impact.ttf --------- 56936
28.03.1996 01:00 C:\Windows\System\Bookosb.ttf --------- 68216
28.03.1996 01:00 C:\Windows\System\Garait.ttf --------- 85608
28.03.1996 01:00 C:\Windows\System\Gara.ttf --------- 81580
28.03.1996 01:00 C:\Windows\System\Garabd.ttf --------- 85436
28.03.1996 01:00 C:\Windows\System\gothic.ttf --------- 61280
17.11.1994 05:50 C:\Windows\System\BWCC.DLL --------- 164928
14.07.1993 10:59 C:\Windows\System\ACCUSOFT.DLL --------- 189860
----------------------------------------
C:\Windows\System32
13.09.2010 23:10 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3616
13.09.2010 23:10 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3616
13.09.2010 17:36 C:\Windows\system32\drivers --------- 65536
08.09.2010 17:47 C:\Windows\system32\perfh009.dat --------- 634400
08.09.2010 17:47 C:\Windows\system32\perfc009.dat --------- 119964
08.09.2010 17:47 C:\Windows\system32\perfh007.dat --------- 674582
08.09.2010 17:47 C:\Windows\system32\perfc007.dat --------- 146234
08.09.2010 17:47 C:\Windows\system32\PerfStringBackup.INI --------- 1568356
01.09.2010 10:18 C:\Windows\system32\catroot2 --------- 40960
26.08.2010 20:03 C:\Windows\system32\javaws.exe --------- 153376
26.08.2010 20:03 C:\Windows\system32\javaw.exe --------- 145184
26.08.2010 20:03 C:\Windows\system32\java.exe --------- 145184
26.08.2010 20:03 C:\Windows\system32\deployJava1.dll --------- 423656
13.08.2010 15:08 C:\Windows\system32\FNTCACHE.DAT --------- 382424
13.08.2010 12:47 C:\Windows\system32\catroot --------- 4096
12.08.2010 06:07 C:\Windows\system32\VXBLOCK.dll --------- 100848
03.08.2010 20:09 C:\Windows\system32\mrt.exe --------- 35962312
26.07.2010 18:55 C:\Windows\system32\shell32.dll --------- 11581440
22.07.2010 17:53 C:\Windows\system32\Tasks --------- 4096
28.06.2010 18:17 C:\Windows\system32\wininet.dll --------- 833024
28.06.2010 18:17 C:\Windows\system32\urlmon.dll --------- 1174528
28.06.2010 18:15 C:\Windows\system32\occache.dll --------- 146432
28.06.2010 18:14 C:\Windows\system32\mstime.dll --------- 671232
28.06.2010 18:14 C:\Windows\system32\mshtmled.dll --------- 476672
28.06.2010 18:14 C:\Windows\system32\mshtml.dll --------- 3586560
28.06.2010 18:14 C:\Windows\system32\msfeeds.dll --------- 458240
28.06.2010 18:13 C:\Windows\system32\jsproxy.dll --------- 28160
28.06.2010 18:13 C:\Windows\system32\iertutil.dll --------- 270848
28.06.2010 18:13 C:\Windows\system32\iepeers.dll --------- 193024
28.06.2010 18:13 C:\Windows\system32\ieframe.dll --------- 6069248
28.06.2010 18:13 C:\Windows\system32\ieencode.dll --------- 78336
28.06.2010 18:13 C:\Windows\system32\iedkcs32.dll --------- 389120
28.06.2010 18:13 C:\Windows\system32\ieapfltr.dll --------- 380928
28.06.2010 18:13 C:\Windows\system32\ieaksie.dll --------- 230400
28.06.2010 16:51 C:\Windows\system32\html.iec --------- 389632
28.06.2010 16:32 C:\Windows\system32\mshtml.tlb --------- 1383424
26.06.2010 14:46 C:\Windows\system32\de-DE --------- 262144
26.06.2010 14:42 C:\Windows\system32\en-US --------- 4096
21.06.2010 15:18 C:\Windows\system32\win32k.sys --------- 2036736
18.06.2010 18:43 C:\Windows\system32\rtutils.dll --------- 36352
11.06.2010 17:31 C:\Windows\system32\schannel.dll --------- 274432
11.06.2010 17:30 C:\Windows\system32\msxml3.dll --------- 1257472
10.06.2010 16:40 C:\Windows\system32\wbem --------- 65536
08.06.2010 19:00 C:\Windows\system32\ntkrnlpa.exe --------- 3598216
08.06.2010 19:00 C:\Windows\system32\ntoskrnl.exe --------- 3545992
27.05.2010 21:16 C:\Windows\system32\iccvid.dll --------- 81920
26.05.2010 18:16 C:\Windows\system32\atmlib.dll --------- 34304
26.05.2010 16:25 C:\Windows\system32\atmfd.dll --------- 289792
04.05.2010 18:53 C:\Windows\system32\ieUnatt.exe --------- 26624
04.05.2010 13:17 C:\Windows\system32\vsnpstd3.dll --------- 61440
27.04.2010 00:04 C:\Windows\system32\DivXControlPanelApplet.cpl --------- 353592
23.04.2010 15:55 C:\Windows\system32\tzres.dll --------- 2048
16.04.2010 18:10 C:\Windows\system32\quartz.dll --------- 1314816
16.04.2010 18:05 C:\Windows\system32\Apphlpdm.dll --------- 28672
16.04.2010 16:17 C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384
14.04.2010 19:47 C:\Windows\system32\psisdecd.dll --------- 293376
14.04.2010 19:47 C:\Windows\system32\psisrndr.ax --------- 217088
14.04.2010 19:46 C:\Windows\system32\EncDec.dll --------- 428544
14.04.2010 19:46 C:\Windows\system32\MSNP.ax --------- 80896
14.04.2010 19:45 C:\Windows\system32\mpg2splt.ax --------- 177664
11.04.2010 11:33 C:\Windows\system32\KGyGaAvL.sys --------- 4182
10.04.2010 23:10 C:\Windows\system32\016B735842.sys --------- 88
05.04.2010 18:07 C:\Windows\system32\asycfilt.dll --------- 67072
18.03.2010 13:16 C:\Windows\system32\msvcr100_clr0400.dll --------- 771424
10.03.2010 21:29 C:\Windows\system32\dpl100.dll --------- 94208
04.03.2010 20:54 C:\Windows\system32\vbscript.dll --------- 430080
21.02.2010 01:39 C:\Windows\system32\nshhttp.dll --------- 24064
21.02.2010 01:37 C:\Windows\system32\httpapi.dll --------- 31232
19.02.2010 21:27 C:\Windows\system32\DivX.dll --------- 720384
19.02.2010 21:27 C:\Windows\system32\divx_xx16.dll --------- 843776
19.02.2010 21:27 C:\Windows\system32\divx_xx11.dll --------- 839680
19.02.2010 21:27 C:\Windows\system32\divx_xx0c.dll --------- 856064
19.02.2010 21:27 C:\Windows\system32\divx_xx0a.dll --------- 847872
19.02.2010 21:27 C:\Windows\system32\divx_xx07.dll --------- 856064
18.02.2010 16:11 C:\Windows\system32\iphlpsvc.dll --------- 190464
12.02.2010 12:48 C:\Windows\system32\browserchoice.exe --------- 293376
29.01.2010 18:21 C:\Windows\system32\inetcomm.dll --------- 738304
25.01.2010 14:48 C:\Windows\system32\secproc_ssp_isv.dll --------- 151040
25.01.2010 14:48 C:\Windows\system32\secproc_ssp.dll --------- 151040
25.01.2010 14:48 C:\Windows\system32\secproc_isv.dll --------- 472576
25.01.2010 14:48 C:\Windows\system32\secproc.dll --------- 472064
25.01.2010 14:45 C:\Windows\system32\msdrm.dll --------- 329216
25.01.2010 10:35 C:\Windows\system32\RMActivate_ssp_isv.exe --------- 346624
25.01.2010 10:35 C:\Windows\system32\RMActivate_isv.exe --------- 523776
25.01.2010 10:34 C:\Windows\system32\RMActivate_ssp.exe --------- 347136
25.01.2010 10:34 C:\Windows\system32\RMActivate.exe --------- 511488
21.01.2010 17:59 C:\Windows\system32\l3codeca.acm --------- 62464
15.01.2010 02:04 C:\Windows\system32\cabview.dll --------- 98304
28.12.2009 14:35 C:\Windows\system32\tsbyuv.dll --------- 11776
28.12.2009 14:32 C:\Windows\system32\msyuv.dll --------- 22528
28.12.2009 14:32 C:\Windows\system32\msvidc32.dll --------- 31744
28.12.2009 14:32 C:\Windows\system32\msvfw32.dll --------- 123904
28.12.2009 14:32 C:\Windows\system32\msrle32.dll --------- 13312
28.12.2009 14:31 C:\Windows\system32\mciavi32.dll --------- 82944
28.12.2009 14:31 C:\Windows\system32\iyuv_32.dll --------- 50176
28.12.2009 14:28 C:\Windows\system32\avifil32.dll --------- 91136
28.12.2009 14:28 C:\Windows\system32\avicap32.dll --------- 65024
23.12.2009 14:43 C:\Windows\system32\wintrust.dll --------- 171520
08.11.2009 10:55 C:\Windows\system32\netfxperf.dll --------- 49472
08.11.2009 10:55 C:\Windows\system32\PresentationHost.exe --------- 295264
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
13.09.2010 23:57 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003UA.job --------- 1122
13.09.2010 23:57 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003Core.job --------- 1070
13.09.2010 23:36 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1096
13.09.2010 22:49 C:\Windows\Tasks\User_Feed_Synchronization-{0A874C5B-778F-4863-AAB3-007E5A1B8F95}.job --------- 420
13.09.2010 21:36 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1092
13.09.2010 17:10 C:\Windows\Tasks\SA.DAT --------- 6
13.09.2010 17:09 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32534
----------------------------------------
C:\Windows\Temp
----------------------------------------
C:\Users\Saskia\AppData\Local\Temp
14.09.2010 00:22 C:\Users\Saskia\AppData\Local\Temp\Rar$DI07.402 --------- 0
14.09.2010 00:15 C:\Users\Saskia\AppData\Local\Temp\LastScan.txt --------- 32048
14.09.2010 00:05 C:\Users\Saskia\AppData\Local\Temp\restart.a2s --------- 519
13.09.2010 21:41 C:\Users\Saskia\AppData\Local\Temp\div7E62.tmp --------- 0
13.09.2010 21:22 C:\Users\Saskia\AppData\Local\Temp\a2temp --------- 0
13.09.2010 21:22 C:\Users\Saskia\AppData\Local\Temp\rules.ini --------- 150
13.09.2010 20:41 C:\Users\Saskia\AppData\Local\Temp\hsperfdata_Saskia --------- 0
13.09.2010 20:41 C:\Users\Saskia\AppData\Local\Temp\jusched.log --------- 2253
13.09.2010 20:41 C:\Users\Saskia\AppData\Local\Temp\AUCHECK_CORE.txt --------- 302
13.09.2010 20:41 C:\Users\Saskia\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 74
13.09.2010 20:35 C:\Users\Saskia\AppData\Local\Temp\Low --------- 0
13.09.2010 17:41 C:\Users\Saskia\AppData\Local\Temp\Rar$DI00.424 --------- 0
13.09.2010 17:37 C:\Users\Saskia\AppData\Local\Temp\Saskia.bmp --------- 31832
13.09.2010 17:28 C:\Users\Saskia\AppData\Local\Temp\10b29c.msi --------- 1402880
13.09.2010 17:13 C:\Users\Saskia\AppData\Local\Temp\F601.tmp --------- 311760
13.09.2010 17:12 C:\Users\Saskia\AppData\Local\Temp\WPDNSE --------- 0
13.09.2010 17:12 C:\Users\Saskia\AppData\Local\Temp\~DF5B98.tmp --------- 311350
13.09.2010 17:12 C:\Users\Saskia\AppData\Local\Temp\JET6B30.tmp --------- 0
13.09.2010 17:10 C:\Users\Saskia\AppData\Local\Temp\osCheck Vista Migration 2010-09-13 17h10m44s.log --------- 526
13.09.2010 17:07 C:\Users\Saskia\AppData\Local\Temp\MSIdd2aa.LOG --------- 362086
13.09.2010 17:04 C:\Users\Saskia\AppData\Local\Temp\Google Toolbar --------- 0
13.09.2010 17:00 C:\Users\Saskia\AppData\Local\Temp\E3F8.tmp --------- 311760
13.09.2010 16:58 C:\Users\Saskia\AppData\Local\Temp\TFR5A04.tmp --------- 10225
13.09.2010 16:57 C:\Users\Saskia\AppData\Local\Temp\~DF7F74.tmp --------- 147456
13.09.2010 16:20 C:\Users\Saskia\AppData\Local\Temp\~DF1E6.tmp --------- 311350
13.09.2010 16:19 C:\Users\Saskia\AppData\Local\Temp\MessengerCache --------- 0
13.09.2010 16:19 C:\Users\Saskia\AppData\Local\Temp\wmplog01.sqm --------- 1328
13.09.2010 16:18 C:\Users\Saskia\AppData\Local\Temp\~DF65D1.tmp --------- 311350
13.09.2010 16:17 C:\Users\Saskia\AppData\Local\Temp\divE3C9.tmp --------- 0
13.09.2010 16:17 C:\Users\Saskia\AppData\Local\Temp\wmplog00.sqm --------- 1272
13.09.2010 16:17 C:\Users\Saskia\AppData\Local\Temp\osCheck Vista Migration 2010-09-13 16h17m08s.log --------- 526
13.09.2010 10:59 C:\Users\Saskia\AppData\Local\Temp\dfupdate.ini --------- 687
13.09.2010 10:59 C:\Users\Saskia\AppData\Local\Temp\~DFE831.tmp --------- 311350
13.09.2010 10:58 C:\Users\Saskia\AppData\Local\Temp\divB7E9.tmp --------- 0
13.09.2010 10:57 C:\Users\Saskia\AppData\Local\Temp\osCheck Vista Migration 2010-09-13 10h57m09s.log --------- 526
12.09.2010 22:54 C:\Users\Saskia\AppData\Local\Temp\plugtmp --------- 0
12.09.2010 20:05 C:\Users\Saskia\AppData\Local\Temp\~DFAB05.tmp --------- 98304
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\divF066.tmp --------- 0
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\divD557.tmp --------- 0
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\divC4F3.tmp --------- 0
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\div9ECD.tmp --------- 0
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\div2B63.tmp --------- 0
12.09.2010 20:00 C:\Users\Saskia\AppData\Local\Temp\div17D3.tmp --------- 0
12.09.2010 18:58 C:\Users\Saskia\AppData\Local\Temp\fontconfig --------- 0
12.09.2010 18:50 C:\Users\Saskia\AppData\Local\Temp\nro.log --------- 0
10.09.2010 21:28 C:\Users\Saskia\AppData\Local\Temp\divD335.tmp --------- 0
01.06.2010 20:49 C:\Users\Saskia\AppData\Local\Temp\Leitfaden zur Studienlaufbahnbegleitung Hauptfase 1.doc --------- 276992
09.05.2010 12:21 C:\Users\Saskia\AppData\Local\Temp\THEMA 2.5 Abschnitt 3.doc --------- 54272
09.05.2010 12:04 C:\Users\Saskia\AppData\Local\Temp\THEMA 2.5 Abschnitt 2-2.doc --------- 47104
23.04.2010 21:32 C:\Users\Saskia\AppData\Local\Temp\Bewerbung Educon_Nico.docx --------- 14307
12.02.2010 12:23 C:\Users\Saskia\AppData\Local\Temp\Ablauf Block 3 der Gruppe TC 08-1.docx --------- 19471
04.02.2010 21:42 C:\Users\Saskia\AppData\Local\Temp\Ablauf Block 3 der Gruppe TC 08.docx --------- 23887
04.02.2010 20:46 C:\Users\Saskia\AppData\Local\Temp\Peerscore.doc --------- 58368
05.01.2010 07:56 C:\Users\Saskia\AppData\Local\Temp\SSUPDATE.EXE --------- 158960
04.12.2009 11:02 C:\Users\Saskia\AppData\Local\Temp\Observationsanalyse97.doc --------- 194048
03.12.2009 20:04 C:\Users\Saskia\AppData\Local\Temp\Liebe.doc --------- 24576
19.11.2009 18:52 C:\Users\Saskia\AppData\Local\Temp\THEMA 2.5 Abschnitt 2.doc --------- 41984
19.11.2009 18:47 C:\Users\Saskia\AppData\Local\Temp\Protokoll 13.11.09.doc --------- 80896
19.11.2009 18:31 C:\Users\Saskia\AppData\Local\Temp\PEP97(2).doc --------- 166912
07.11.2009 12:35 C:\Users\Saskia\AppData\Local\Temp\FitnessStudio 01.doc --------- 10240
05.11.2009 12:45 C:\Users\Saskia\AppData\Local\Temp\Kontoinformationen-1.doc --------- 25088
05.11.2009 12:42 C:\Users\Saskia\AppData\Local\Temp\Wer_Was_warum_.doc --------- 129536
05.11.2009 12:42 C:\Users\Saskia\AppData\Local\Temp\Kontoinformationen.doc --------- 25088
05.11.2009 12:40 C:\Users\Saskia\AppData\Local\Temp\Workshopangebote.doc --------- 117248
04.11.2009 17:19 C:\Users\Saskia\AppData\Local\Temp\Reflektionsbericht.doc --------- 104960
03.11.2009 17:26 C:\Users\Saskia\AppData\Local\Temp\Feedbackformulare Fertigkeitenlinie 2.1.doc --------- 83968
15.10.2009 01:26 C:\Users\Saskia\AppData\Local\Temp\4grundlegendenSichtweisen-1.doc --------- 22016
10.10.2009 13:48 C:\Users\Saskia\AppData\Local\Temp\Feedbackformulare zu Prfungen und Auftr„gen des Integralen Auftrages.doc --------- 92160
10.10.2009 10:53 C:\Users\Saskia\AppData\Local\Temp\VB KV 2009 (RKJ DAK).pdf --------- 100537
01.10.2009 18:18 C:\Users\Saskia\AppData\Local\Temp\Protokoll 2. Woche Block 1-1.doc --------- 20992
01.10.2009 18:15 C:\Users\Saskia\AppData\Local\Temp\tanzpr„sentation.doc --------- 63488
22.09.2009 21:39 C:\Users\Saskia\AppData\Local\Temp\2. Protokoll Tanzm„use 18.09.09 w3.doc --------- 27136
22.09.2009 21:38 C:\Users\Saskia\AppData\Local\Temp\Protokoll 2. Woche Block 1.doc --------- 20992
22.09.2009 21:35 C:\Users\Saskia\AppData\Local\Temp\Workshops Dialogisieren_Einteilung R„ume und Dozenten.doc --------- 50176
17.09.2009 20:10 C:\Users\Saskia\AppData\Local\Temp\Wahlformular WS Woche 4 KU.doc --------- 29184
13.09.2009 16:54 C:\Users\Saskia\AppData\Local\Temp\Moderne_Taenze.doc --------- 53760
13.09.2009 16:52 C:\Users\Saskia\AppData\Local\Temp\Formular Lernstoff einer Tanzstunde.doc --------- 53760
13.09.2009 12:12 C:\Users\Saskia\AppData\Local\Temp\4grundlegendenSichtweisen.doc --------- 22016
12.09.2009 15:36 C:\Users\Saskia\AppData\Local\Temp\Wahlformular-1.doc --------- 29184
06.09.2009 12:54 C:\Users\Saskia\AppData\Local\Temp\Literaturliste Hauptphase 1-1.xls --------- 79872
04.09.2009 06:19 C:\Users\Saskia\AppData\Local\Temp\CIJFERS_STUD.html --------- 130768
02.09.2009 17:37 C:\Users\Saskia\AppData\Local\Temp\Literaturliste Hauptphase 1.xls --------- 79872
31.08.2009 18:08 C:\Users\Saskia\AppData\Local\Temp\3.4 Studentenhandleiding HAN-Scholar deel 2-DUITS-def.doc --------- 881152
31.08.2009 18:04 C:\Users\Saskia\AppData\Local\Temp\3.3 Studentenhandleiding HAN-Scholar deel 1-DUITS-def.doc --------- 528896
31.08.2009 17:18 C:\Users\Saskia\AppData\Local\Temp\Studienauftrag_Arbeiten mit Scholar_09_10_a.doc --------- 37376
13.08.2009 14:48 C:\Users\Saskia\AppData\Local\Temp\madagasc.dzp --------- 1002458
13.08.2009 14:47 C:\Users\Saskia\AppData\Local\Temp\Haert.dzp --------- 195351
13.08.2009 14:47 C:\Users\Saskia\AppData\Local\Temp\Uuups.dzp --------- 362390
13.08.2009 14:46 C:\Users\Saskia\AppData\Local\Temp\flies.dzp --------- 803203
13.08.2009 14:46 C:\Users\Saskia\AppData\Local\Temp\??.dzp --------- 112816
13.08.2009 14:44 C:\Users\Saskia\AppData\Local\Temp\Jumping Gloria.dzp --------- 369105
28.07.2009 16:20 C:\Users\Saskia\AppData\Local\Temp\M380546.pdf --------- 8298
28.07.2009 11:51 C:\Users\Saskia\AppData\Local\Temp\Zeugnis_Neumann, Nico-2.doc --------- 35840
27.07.2009 22:24 C:\Users\Saskia\AppData\Local\Temp\Zeugnis_Neumann, Nico-1.doc --------- 35840
27.07.2009 21:08 C:\Users\Saskia\AppData\Local\Temp\Zeugnis_Neumann, Nico.doc --------- 35840
27.07.2009 16:33 C:\Users\Saskia\AppData\Local\Temp\R0906491776446388.pdf --------- 58771
10.02.2009 19:41 C:\Users\Saskia\AppData\Local\Temp\History --------- 0
10.02.2009 19:41 C:\Users\Saskia\AppData\Local\Temp\Temporary Internet Files --------- 0
21.01.2009 19:41 C:\Users\Saskia\AppData\Local\Temp\DRAMA fr Pr„sentation.doc --------- 23040
08.11.2008 19:05 C:\Users\Saskia\AppData\Local\Temp\{332A21BB-A29C-43AC-A4BA-E60B61579367} --------- 0
27.02.2008 14:06 C:\Users\Saskia\AppData\Local\Temp\SysConfig.dat --------- 870
26.02.2008 19:28 C:\Users\Saskia\AppData\Local\Temp\ResetDevice.exe --------- 6144
26.02.2008 19:28 C:\Users\Saskia\AppData\Local\Temp\DataCard_Setup.exe --------- 110592
08.05.2007 10:11 C:\Users\Saskia\AppData\Local\Temp\SETC8CA.tmp --------- 7239184
08.05.2007 10:11 C:\Users\Saskia\AppData\Local\Temp\SETD664.tmp --------- 7239184
25.05.2006 04:10 C:\Users\Saskia\AppData\Local\Temp\_is9260.exe --------- 455600
18.08.2004 10:34 C:\Users\Saskia\AppData\Local\Temp\VP6.reg --------- 340
18.08.2004 10:34 C:\Users\Saskia\AppData\Local\Temp\VP6Install.exe --------- 23040
18.08.2004 10:34 C:\Users\Saskia\AppData\Local\Temp\VP6VFW.dll --------- 442368
18.08.2004 10:33 C:\Users\Saskia\AppData\Local\Temp\First15.exe --------- 1453843
18.08.2004 10:33 C:\Users\Saskia\AppData\Local\Temp\Sims2Logo.jpg --------- 32295
18.08.2004 10:33 C:\Users\Saskia\AppData\Local\Temp\external.txt --------- 7178
13.02.2004 12:42 C:\Users\Saskia\AppData\Local\Temp\mpegc.dll --------- 56832
----------------------------------------
C:\Program Files
14.09.2010 00:15 C:\Program Files\FunkyEmoticons --------- 4096
13.09.2010 21:22 C:\Program Files\Emsisoft Anti-Malware --------- 12288
13.09.2010 17:36 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
13.09.2010 17:10 C:\Program Files\Spybot - Search & Destroy --------- 4096
13.09.2010 17:03 C:\Program Files\SweetIM --------- 0
12.09.2010 21:01 C:\Program Files\SUPERAntiSpyware --------- 4096
12.09.2010 21:00 C:\Program Files\Common Files --------- 8192
12.09.2010 18:47 C:\Program Files\DAEMON Tools Toolbar --------- 4096
12.09.2010 18:46 C:\Program Files\CDBurnerXP --------- 0
12.09.2010 18:42 C:\Program Files\audiograbber --------- 8192
08.09.2010 16:36 C:\Program Files\Microsoft Silverlight --------- 8192
30.08.2010 21:15 C:\Program Files\DivX --------- 8192
26.08.2010 20:03 C:\Program Files\Java --------- 4096
13.08.2010 15:07 C:\Program Files\Internet Explorer --------- 4096
13.08.2010 15:07 C:\Program Files\Movie Maker --------- 4096
13.08.2010 12:50 C:\Program Files\Microsoft Works --------- 24576
13.08.2010 12:46 C:\Program Files\Windows Mail --------- 4096
03.08.2010 20:38 C:\Program Files\Mozilla Firefox --------- 40960
22.07.2010 18:06 C:\Program Files\InstallShield Installation Information --------- 8192
22.07.2010 17:53 C:\Program Files\Skype --------- 0
26.06.2010 14:42 C:\Program Files\Microsoft.NET --------- 0
12.06.2010 12:30 C:\Program Files\GPLGS --------- 49152
12.06.2010 12:30 C:\Program Files\Acro Software --------- 0
12.04.2010 22:03 C:\Program Files\Electronic Arts --------- 0
03.04.2010 15:47 C:\Program Files\Microsoft WSE --------- 0
06.03.2010 23:09 C:\Program Files\GIMP-2.0 --------- 0
06.03.2010 21:25 C:\Program Files\Google --------- 4096
31.01.2010 18:04 C:\Program Files\EA GAMES --------- 0
30.01.2010 15:27 C:\Program Files\WinRAR --------- 8192
16.11.2009 12:29 C:\Program Files\Core Design --------- 4096
14.11.2009 16:07 C:\Program Files\Vodafone --------- 0
09.11.2009 22:23 C:\Program Files\dm --------- 0
08.11.2009 14:18 C:\Program Files\dm Digi Foto --------- 65536
28.10.2009 21:38 C:\Program Files\Lula 3D --------- 4096
28.10.2009 17:45 C:\Program Files\Mobile Partner --------- 24576
28.10.2009 11:38 C:\Program Files\Windows Media Player --------- 4096
30.09.2009 20:28 C:\Program Files\Windows Live --------- 4096
30.09.2009 20:26 C:\Program Files\Microsoft SQL Server Compact Edition --------- 0
30.09.2009 20:23 C:\Program Files\Microsoft --------- 0
19.09.2009 23:11 C:\Program Files\iTunes --------- 4096
19.09.2009 23:10 C:\Program Files\iPod --------- 0
19.09.2009 23:08 C:\Program Files\Bonjour --------- 0
19.09.2009 23:08 C:\Program Files\QuickTime --------- 4096
29.08.2009 13:33 C:\Program Files\Easy MP3 Cutter --------- 8192
29.08.2009 13:21 C:\Program Files\Audacity --------- 0
19.08.2009 17:12 C:\Program Files\Free MSN Emoticons Pack 2 --------- 4096
12.08.2009 22:10 C:\Program Files\Sweet Home 3D --------- 4096
19.06.2009 15:25 C:\Program Files\Windows Live SkyDrive --------- 0
19.06.2009 15:06 C:\Program Files\HomeCinema --------- 0
19.06.2009 15:06 C:\Program Files\Cyberlink --------- 0
09.06.2009 22:58 C:\Program Files\Norton 360 Online --------- 12288
03.06.2009 20:41 C:\Program Files\Symantec --------- 0
25.05.2009 20:09 C:\Program Files\T-Online --------- 0
08.05.2009 15:00 C:\Program Files\SecureW2 --------- 0
07.05.2009 15:31 C:\Program Files\Adobe --------- 0
14.04.2009 19:12 C:\Program Files\AviSynth 2.5 --------- 0
14.04.2009 19:11 C:\Program Files\eRightSoft --------- 0
14.04.2009 18:43 C:\Program Files\DVDVideoSoft --------- 0
14.03.2009 12:02 C:\Program Files\Real --------- 0
18.01.2009 21:06 C:\Program Files\Sim File Maid 2 --------- 4096
13.01.2009 18:12 C:\Program Files\Apple Software Update --------- 4096
13.11.2008 02:04 C:\Program Files\Sony Ericsson --------- 0
08.11.2008 19:05 C:\Program Files\Brother --------- 0
08.11.2008 18:09 C:\Program Files\Nuance --------- 0
08.11.2008 18:08 C:\Program Files\ScanSoft --------- 0
28.10.2008 13:15 C:\Program Files\Ahead --------- 4096
25.10.2008 14:56 C:\Program Files\directx --------- 0
12.10.2008 17:12 C:\Program Files\DAEMON Tools Lite --------- 4096
08.10.2008 19:57 C:\Program Files\Tobit ClipInc --------- 4096
17.08.2008 17:34 C:\Program Files\EASY Flash Player --------- 4096
16.08.2008 15:36 C:\Program Files\Windows NT --------- 4096
16.08.2008 15:36 C:\Program Files\Gemeinsame Dateien --------- 0
20.05.2008 13:29 C:\Program Files\Launch Manager --------- 4096
13.05.2008 14:29 C:\Program Files\GoogleEULA --------- 4096
13.05.2008 09:01 C:\Program Files\Ulead Systems --------- 0
06.05.2008 10:16 C:\Program Files\InterVideo --------- 0
06.05.2008 10:13 C:\Program Files\Corel --------- 0
06.05.2008 10:10 C:\Program Files\Windows Media-Komponenten --------- 0
22.04.2008 10:45 C:\Program Files\Aldi Sued Fotoservice --------- 4096
22.04.2008 10:45 C:\Program Files\ALDI Online Druck Service (Sued) --------- 0
22.04.2008 10:45 C:\Program Files\ALDI Sued Foto Service --------- 4096
22.04.2008 08:42 C:\Program Files\Windows Sidebar --------- 4096
22.04.2008 08:37 C:\Program Files\Medion --------- 0
22.04.2008 08:30 C:\Program Files\Sceneo --------- 0
22.04.2008 08:12 C:\Program Files\Buhl --------- 0
22.04.2008 08:11 C:\Program Files\Letstrade --------- 4096
22.04.2008 08:11 C:\Program Files\DataDesign --------- 0
21.04.2008 15:46 C:\Program Files\MSXML 4.0 --------- 0
21.04.2008 15:06 C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 8192
21.04.2008 14:43 C:\Program Files\Microsoft Office --------- 4096
21.04.2008 10:43 C:\Program Files\NeroInstall.bak --------- 0
21.04.2008 10:40 C:\Program Files\Nero --------- 0
21.04.2008 09:36 C:\Program Files\RALINK --------- 0
21.04.2008 09:32 C:\Program Files\Synaptics --------- 0
21.04.2008 09:30 C:\Program Files\Realtek --------- 0
21.04.2008 09:29 C:\Program Files\Silicon Image --------- 0
21.04.2008 08:54 C:\Program Files\Intel --------- 0
21.01.2008 04:43 C:\Program Files\desktop.ini --------- 174
21.01.2008 04:35 C:\Program Files\Windows Calendar --------- 0
21.01.2008 04:35 C:\Program Files\Windows Collaboration --------- 4096
21.01.2008 04:35 C:\Program Files\Windows Journal --------- 4096
21.01.2008 04:35 C:\Program Files\Windows Photo Gallery --------- 4096
21.01.2008 04:35 C:\Program Files\Windows Defender --------- 4096
02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0
02.11.2006 14:37 C:\Program Files\Microsoft Games --------- 4096
02.11.2006 14:37 C:\Program Files\MSBuild --------- 0
02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0
----------------------------------------
C:\ProgramData\..
Saskia
Public
Default
desktop.ini
Default User
All Users
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
85.214.119.72 www.google.de
85.214.119.72 google.de
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 1.752 K
smss.exe 528 Services 0 552 K
csrss.exe 608 Services 0 4.548 K
wininit.exe 652 Services 0 3.412 K
csrss.exe 664 Console 1 12.816 K
services.exe 696 Services 0 6.508 K
lsass.exe 712 Services 0 1.548 K
lsm.exe 720 Services 0 3.704 K
winlogon.exe 792 Console 1 4.624 K
svchost.exe 908 Services 0 5.920 K
svchost.exe 968 Services 0 7.096 K
svchost.exe 1100 Services 0 10.056 K
svchost.exe 1156 Services 0 118.272 K
svchost.exe 1168 Services 0 23.048 K
audiodg.exe 1256 Services 0 14.520 K
SLsvc.exe 1288 Services 0 3.868 K
svchost.exe 1340 Services 0 9.056 K
svchost.exe 1480 Services 0 12.072 K
spoolsv.exe 1744 Services 0 7.736 K
CCSVCHST.EXE 1768 Services 0 8.412 K
svchost.exe 1884 Services 0 10.756 K
dwm.exe 1636 Console 1 40.636 K
explorer.exe 1688 Console 1 51.204 K
AppleMobileDeviceService. 2028 Services 0 3.260 K
taskeng.exe 552 Console 1 9.992 K
mDNSResponder.exe 2060 Services 0 3.880 K
ClipInc-Server.exe 2100 Services 0 8.584 K
IAAnotif.exe 2164 Console 1 4.916 K
igfxtray.exe 2224 Console 1 4.104 K
hkcmd.exe 2288 Console 1 4.664 K
igfxpers.exe 2300 Console 1 3.888 K
RtHDVCpl.exe 2340 Console 1 5.860 K
igfxsrvc.exe 2348 Console 1 5.032 K
SynTPStart.exe 2356 Console 1 4.820 K
LaunchAp.exe 2368 Console 1 4.488 K
HotkeyApp.exe 2388 Console 1 6.384 K
DFInject.exe 2412 Services 0 2.424 K
OSD.exe 2424 Console 1 4.384 K
WButton.exe 2436 Console 1 5.604 K
ServiceController.exe 2488 Services 0 5.504 K
taskeng.exe 2584 Services 0 5.544 K
pptd40nt.exe 2660 Console 1 3.892 K
realsched.exe 2736 Console 1 220 K
CCSVCHST.EXE 2828 Console 1 3.696 K
iTunesHelper.exe 3116 Console 1 6.904 K
MobileConnect.exe 3128 Console 1 17.980 K
IAANTmon.exe 3328 Services 0 4.764 K
Defender.exe 3384 Console 1 3.904 K
FixCamera.exe 3392 Console 1 4.600 K
vsnpstd3.exe 3400 Console 1 4.612 K
tsnpstd3.exe 3408 Console 1 4.224 K
jusched.exe 3416 Console 1 3.288 K
GCS.exe 3424 Services 0 16.032 K
DivXUpdate.exe 3440 Console 1 13.764 K
sidebar.exe 3452 Console 1 28.228 K
ehtray.exe 3476 Console 1 1.780 K
ehmsas.exe 3496 Console 1 3.540 K
ClipIncTray.exe 3508 Console 1 6.428 K
daemon.exe 3520 Console 1 10.616 K
p2phost.exe 3528 Console 1 8.552 K
msnmsgr.exe 3536 Console 1 15.072 K
GoogleToolbarNotifier.exe 3556 Console 1 1.076 K
wmpnscfg.exe 3564 Console 1 4.480 K
Skype.exe 3608 Console 1 16.952 K
SUPERAntiSpyware.exe 3616 Console 1 684 K
ONENOTEM.EXE 3632 Console 1 1.488 K
iviRegMgr.exe 1216 Services 0 2.864 K
IoctlSvc.exe 2532 Services 0 2.564 K
svchost.exe 2716 Services 0 4.012 K
PSIService.exe 2720 Services 0 2.856 K
pvrservice.exe 2776 Services 0 5.672 K
svchost.exe 1400 Services 0 5.412 K
ULCDRSvr.exe 1996 Services 0 2.232 K
svchost.exe 2864 Services 0 2.512 K
SearchIndexer.exe 2596 Services 0 15.584 K
VMCService.exe 1620 Services 0 10.624 K
WUDFHost.exe 3084 Services 0 5.092 K
mobsync.exe 4020 Console 1 5.348 K
AluSchedulerSvc.exe 4100 Services 0 376 K
WmiPrvSE.exe 4420 Services 0 7.268 K
SynTPEnh.exe 4592 Console 1 5.036 K
wmpnetwk.exe 5096 Services 0 8.068 K
WisLMSvc.exe 4580 Services 0 4.564 K
WmiPrvSE.exe 4976 Services 0 5.560 K
conime.exe 4248 Console 1 88 K
iPodService.exe 3288 Services 0 4.492 K
ieuser.exe 5356 Console 1 18.448 K
FlashUtil10i_ActiveX.exe 3180 Console 1 5.564 K
wuauclt.exe 5104 Console 1 5.904 K
a2service.exe 5764 Services 0 39.456 K
symlcsvc.exe 4924 Services 0 224 K
msiexec.exe 5756 Console 1 8.592 K
msiexec.exe 4428 Services 0 4.068 K
WinRAR.exe 320 Console 1 18.060 K
conime.exe 4916 Console 1 4.192 K
a2guard.exe 4984 Console 1 1.228 K
wlcomm.exe 7112 Console 1 24.548 K
cmd.exe 6876 Console 1 4.428 K
tasklist.exe 6020 Console 1 5.892 K
***** Ende des Scans 14.09.2010 um 0:23:52,84 ***
Ich habe die bedrohlichen Dateien jetzt erstmal in Quarantäne gestellt. Soll ich die jetzt löschen oder noch behalten? Danke schonmal im Voraus Kia |
|
14.09.2010, 18:15
| #5 |
| | Win32.Agent.fbx auf dem Rechner Und nun noch meine installierten Programme "CCleaner" Bericht: Code:
ATTFilter 531-W-D Silicon Image 20.04.2008 1,18MB 1.5.18 Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 15.08.2008 13,5MB Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 14.08.2010 10.1.82.76 Adobe Flash Player 10 Plugin Adobe Systems Incorporated 11.07.2010 10.1.53.64 Adobe Reader 8.1.3 - Deutsch Adobe Systems Incorporated 06.05.2009 99,8MB 8.1.3 Adobe Shockwave Player 11 Adobe Systems, Inc. 15.08.2008 7,18MB 11 Agere Systems HDA Modem Agere Systems 20.04.2008 ALDI Foto Manager Free Sued MAGIX AG 21.04.2008 51,7MB 3.4.0.466 ALDI Online Druck Service (Sued) 15.08.2008 8,10MB ALDI Sued Foto Service MAGIX AG 21.04.2008 57,2MB 1.12.0.93 Aldi Süd Fotoservice 15.08.2008 41,8MB Apple Application Support Apple Inc. 18.09.2009 32,2MB 1.0 Apple Mobile Device Support Apple Inc. 18.09.2009 40,4MB 2.6.0.32 Apple Software Update Apple Inc. 12.01.2009 2,16MB 2.1.1.116 Bonjour Apple Inc. 18.09.2009 0,49MB 1.0.106 CCleaner Piriform 13.09.2010 2,95MB 2.35 Compatibility Pack für 2007 Office System Microsoft Corporation 12.08.2010 12.0.6425.1000 Corel MediaOne Corel Corporation 05.05.2008 164,5MB 2.00.0000 Corel Paint Shop Pro Photo X2 Corel Corporation 05.05.2008 347,7MB 12.001.0000 CutePDF Writer 2.8 11.06.2010 0,30MB CyberLink YouCam CyberLink Corp. 18.06.2009 73,8MB 2.0.2604 Die Sims 2 30.01.2010 2.807,7MB Die Sims™ 2 Apartment-Leben Electronic Arts 30.01.2010 1.241,7MB DivX Converter DivX, Inc. 29.08.2010 30,4MB 7.0.0 DivX Plus DirectShow Filters DivX, Inc. 29.08.2010 1,22MB DivX-Setup DivX, Inc. 29.08.2010 2,27MB 2.0.0.86 dm Digi Foto Imaxel Lab S.L 07.11.2009 124,6MB 2.0.1.3 dm Fotowelt 14.11.2009 201,2MB dm-Fotowelt 27.07.2010 407,4MB EASY Flash Player 1.4 16.08.2008 0,94MB Easy MP3 Cutter 2.9 ManiacTools.com 28.08.2009 2,75MB Emsisoft Anti-Malware 5.0 Emsi Software GmbH 12.09.2010 127,3MB 5.0 Favorit 18.08.2009 Firebird SQL Server - MAGIX Edition MAGIX AG 21.04.2008 6,57MB 2.0.1.8 Free MSN Emoticons Pack 2 Free-Winks.org 18.08.2009 1,46MB Free Video to Mp3 Converter version 3.1 DVDVideoSoft Limited. 13.04.2009 2,36MB Free YouTube to Mp3 Converter version 3.1 DVDVideoSoft Limited. 29.03.2009 2,20MB GIMP 2.6.8 05.03.2010 98,6MB Google Gears Google 05.03.2010 9,05MB 0.5.3600 Google Talk Plugin Google 13.07.2010 7,65MB 1.3.1.0 Google Toolbar for Internet Explorer Google Inc. 13.07.2010 12,0MB Intel(R) Graphics Media Accelerator Driver Intel Corporation 15.08.2008 Intel(R) Matrix Storage Manager 15.08.2008 3,77MB InterVideo WinDVD 8 InterVideo Inc. 05.05.2008 94,8MB 8.0-B9.385 iTunes Apple Inc. 18.09.2009 132,6MB 9.0.0.70 Java(TM) 6 Update 21 Oracle 25.08.2010 94,9MB 6.0.210 Java(TM) 6 Update 5 Sun Microsystems, Inc. 20.04.2008 140,9MB 1.6.0.50 Launch Manager V1.4.9 Wistron Corp. 20.04.2008 1,02MB 1.4.9 Letstrade Buhl Data Service 21.04.2008 26,0MB 1.00.0000 LiveUpdate (Symantec Corporation) Symantec Corporation 24.05.2009 10,5MB 3.4.1.234 Malwarebytes' Anti-Malware Malwarebytes Corporation 12.09.2010 3,90MB MEDION Fotos auf CD Sued MAGIX AG 21.04.2008 649,7MB 6.0.2.0 MEDIONbox Medion 21.04.2008 27,0MB 1.09.0000.00052 Microsoft .NET Framework 1.1 21.04.2008 Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 10.08.2009 37,0MB Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 08.08.2009 37,0MB Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.06.2010 120,3MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.06.2010 24,5MB 4.0.30319 Microsoft Office Home and Student 2007 Microsoft Corporation 08.02.2010 299,6MB 12.0.6425.1000 Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 09.06.2010 12.0.6425.1000 Microsoft Office XP Professional mit FrontPage Microsoft Corporation 02.12.2008 232,9MB 10.0.2701.0 Microsoft Silverlight Microsoft Corporation 07.09.2010 4.0.50826.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 29.09.2009 1,74MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 01.08.2009 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 05.05.2008 2,38MB 8.0.56336 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 01.08.2009 0,19MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 21.04.2008 2,06MB 9.0.21022 Microsoft Works Microsoft Corporation 12.08.2010 9.7.0621 Microsoft WSE 3.0 Runtime Microsoft Corp. 02.04.2010 0,92MB 3.0.5305.0 Mobile Partner Huawei Technologies Co.,Ltd 27.10.2009 14,4MB 11.002.03.07.40 Mozilla Firefox (3.6.8) Mozilla 02.08.2010 34,5MB 3.6.8 (de) MSXML 4.0 SP2 (KB936181) Microsoft Corporation 20.04.2008 1,27MB 4.20.9848.0 MSXML 4.0 SP2 (KB941833) Microsoft Corporation 21.04.2008 1,27MB 4.20.9849.0 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 15.11.2008 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 25.11.2009 1,34MB 4.20.9876.0 Nero 8 Essentials Nero AG 15.10.2008 1.825,4MB 8.3.312 Nero OEM 27.10.2008 49,3MB Norton 360 Online (Symantec Corporation) Symantec Corporation 24.05.2009 64,6MB 2.0.0.242 PaperPort Image Printer Nuance Communications, Inc. 07.11.2008 0,38MB 1.00.0000 QuickTime Apple Inc. 18.09.2009 76,5MB 7.64.17.73 Ralink Wireless LAN RaLink 20.04.2008 1,85MB 1.00.0000 RealPlayer RealNetworks 13.03.2009 45,3MB Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek 20.04.2008 0,66MB 1.00.0000 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 20.04.2008 17,1MB 6.0.1.5595 Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 20.04.2008 2,97MB ScanSoft PaperPort 11 Nuance Communications, Inc. 07.11.2008 129,0MB 11.1.0000 Sceneo AbsolutTV 15.08.2008 6,53MB SecureW2 EAP Suite 1.0.6 for Windows 07.05.2009 60,00KB Sim File Maid 2 1.0.2 Matthew Keller 17.01.2009 0,67MB 1.0.2 Skype Toolbars Skype Technologies S.A. 21.07.2010 5,25MB 1.0.4051 Skype™ 4.2 Skype Technologies S.A. 21.07.2010 31,8MB 4.2.169 Sony Ericsson Themes Creator 3.29 Sony Ericsson Mobile Communications AB 12.11.2008 16,3MB 3.29 SPEEDLINK Reflect2 Camera Sonix 21.07.2010 3,64MB 5.18.1213.006 Spelling Dictionaries Support For Adobe Reader 8 Adobe Systems 06.05.2009 32,5MB 8.0.0 SUPER © Version 2009.bld.36 (June 10, 2009) eRightSoft 26.08.2009 37,2MB Version 2009.bld.36 (June 10, 2009) SUPERAntiSpyware Free Edition SUPERAntiSpyware.com 11.09.2010 28,8MB 4.33.0.1000 Sweet Home 3D version 2.0 eTeks 11.08.2009 167,3MB Synaptics Pointing Device Driver Synaptics 20.04.2008 13,6MB 10.0.14.0 T-Home Dialerschutz-Software 22.04.2010 1,00MB Tobit.Software clipinc.fx Tobit.Software 27.05.2009 3.425,8MB Tomb Raider Level Editor 21.08.2008 4,00KB Ulead DVD MovieFactory 5 Ulead Systems, Inc. 15.08.2008 164,5MB 5.3 Ulead PhotoImpact 12 Ulead System 15.08.2008 389,2MB 12.0 Uninstall 1.0.0.1 13.04.2009 15,3MB Vodafone Mobile Connect Lite Vodafone 13.11.2009 23,8MB 9.3.3.10523 Windows Live Anmelde-Assistent Microsoft Corporation 18.06.2009 1,93MB 5.000.818.5 Windows Live Essentials Microsoft Corporation 29.09.2009 44,0MB 14.0.8089.0726 Windows Live Sync Microsoft Corporation 29.09.2009 2,79MB 14.0.8089.726 Windows Live-Uploadtool Microsoft Corporation 18.06.2009 0,22MB 14.0.8014.1029 Windows Media Player Firefox Plugin Microsoft Corp 29.03.2009 0,29MB 1.0.0.8 WinRAR 28.03.2009 3,73MB WISO Mein Geld 2008 Professional Buhl Data Service GmbH 21.04.2008 167,5MB 9.00.01.0023  |
|
14.09.2010, 19:31
| #6 |
| /// Helfer-Team | Win32.Agent.fbx auf dem Rechner 1. Um dein System flotter machen, kannst Du es von unnötigen Aufgaben befreien... unter Start->Programme-> Zubehör-> Systemprogramme-> geplante Tasks (Anleitung-> Ändern geplanter Tasks in Windows XP und dort einfach löschen: Code:
ATTFilter C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003Core.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten! also die alten Einträge bitte deinstallieren/entfernen `Systemsteuerung → Software → Ändern/Entfernen...` Code:
ATTFilter Java(TM) 6 Update 5
den Java-Cache leeren - wie unter Punkt 7. u. 8. beschrieben *klick über Systemsteuerung -> Java... 4. Adobe Reader aktualisieren : Adobe Reader Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..." 5. - Lade dir RSIT - http://filepony.de/download-rsit/: - an einen Ort deiner Wahl und führe die rsit.exe aus - wird "Hijackthis" auch von RSIT installiert und ausgeführt - RSIT erstellt 2 Logfiles (C:\rsit\log.txt und C:\rsit\info.txt) mit erweiterten Infos von deinem System - diese beide bitte komplett hier posten |
|
14.09.2010, 22:50
| #7 |
| | Win32.Agent.fbx auf dem Rechner info.txt [code] info.txtRSIT Logfile: Code:
ATTFilter logfile of random's system information tool 1.08 2010-09-14 23:35:20
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87616DD3-61A7-46FB-8AE3-927D5BC4D268}\setup.exe" -l0x7
3531-W-D-->MsiExec.exe /X{BD1587F7-B8D0-4111-8F1F-3327628AB02F}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 8.2.0 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A82000000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Agere Systems HDA Modem-->agrsmdel
ALDI Foto Manager Free Sued-->C:\Program Files\ALDI Sued Foto Service\ALDI_Foto_Manager_Free\instslct.exe /p
ALDI Online Druck Service (Sued)-->C:\PROGRA~1\ALDION~1\ALDI_ODS\UNWISE.EXE C:\PROGRA~1\ALDION~1\ALDI_ODS\INSTALL.LOG
ALDI Sued Foto Service-->C:\Program Files\ALDI Sued Foto Service\ALDI_Foto_Service\instslct.exe /p
Aldi Süd Fotoservice-->"C:\Program Files\Aldi Sued Fotoservice\unins000.exe"
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Backup-->MsiExec.exe /I{24DF7221-644B-4C3A-A478-459502D40522}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Corel MediaOne-->MsiExec.exe /I{A062A15F-9CAC-4B88-98DF-87628A0BD721}
Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
Die Sims 2-->C:\Program Files\EA GAMES\Die Sims 2\EAUninstall.exe
Die Sims™ 2 Apartment-Leben-->C:\Program Files\EA GAMES\Die Sims 2 Apartment-Leben\EAUninstall.exe
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX-Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
dm Digi Foto-->C:\Program Files\dm Digi Foto\uninst.exe
dm Fotowelt-->"C:\Program Files\dm\dm Fotowelt\uninstall.exe"
dm-Fotowelt-->"C:\Program Files\dm\dm Fotowelt\uninstall.exe"
EASY Flash Player 1.4-->"C:\Program Files\EASY Flash Player\unins000.exe"
Easy MP3 Cutter 2.9-->"C:\Program Files\Easy MP3 Cutter\unins000.exe"
Emsisoft Anti-Malware 5.0-->"C:\Program Files\Emsisoft Anti-Malware\unins000.exe"
Favorit-->c:\users\saskia\appdata\local\ullbiaf.bat
Firebird SQL Server - MAGIX Edition-->C:\Program Files\ALDI Sued Foto Service\Common\Database\instslct.exe /p
Free MSN Emoticons Pack 2-->"C:\Program Files\Free MSN Emoticons Pack 2\unins000.exe"
Free Video to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free Video to Mp3 Converter\unins000.exe"
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
GIMP 2.6.8-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Gears-->MsiExec.exe /I{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}
Google Talk Plugin-->MsiExec.exe /I{26B878A8-5704-3B64-BDBC-4F0EACA38121}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp
iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Launch Manager V1.4.9-->C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\setup.exe -runfromtemp -l0x0007 -removeonly
Letstrade-->MsiExec.exe /X{E0091C29-DEE8-4B24-BF65-8C35B5940D77}
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MEDION Fotos auf CD Sued-->C:\Program Files\ALDI Sued Foto Service\Medion_Fotos_auf_CD_6\instslct.exe /p
Medion Media Center 0-->C:\Program Files\InstallShield Installation Information\{23CE4550-F67C-4114-88DF-FE923BC13E7F}\setup.exe -runfromtemp -l0x0007 -removeonly
MEDIONbox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27FDF949-69CE-435A-8372-339F72336AC5}\setup.exe" -l0x7 -removeonly
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office XP Professional mit FrontPage-->MsiExec.exe /I{90280407-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{09298F26-A95C-31E2-9D95-2C60F586F075}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mobile Partner-->C:\Program Files\Mobile Partner\uninst.exe
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Essentials-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041031}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton 360 HTMLHelp-->MsiExec.exe /I{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
Norton 360 Online (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242\Setup.exe" /X
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{F413B69D-4AD6-42AB-AEA5-0548989FAD50}
Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
PaperPort Image Printer-->MsiExec.exe /X{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Ralink Wireless LAN-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly
ScanSoft PaperPort 11-->MsiExec.exe /I{B6C89654-A6A2-477C-873B-724EC1C56407}
Sceneo AbsolutTV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}\Setup.exe" -NoUpdate
SecureW2 EAP Suite 1.0.6 for Windows-->C:\Program Files\SecureW2\Uninstall.exe
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Sim File Maid 2 1.0.2-->C:\Program Files\Sim File Maid 2\uninst.exe
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony Ericsson Themes Creator 3.29-->C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SPEEDLINK Reflect2 Camera-->C:\Program Files\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\setup.exe -runfromtemp -l0x0007 -removeonly
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Sweet Home 3D version 2.0-->"C:\Program Files\Sweet Home 3D\unins000.exe"
Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
Symantec Technical Support Controls-->MsiExec.exe /I{45690715-80A6-4445-B61D-ADEC5888E8CD}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
T-Home Dialerschutz-Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}\Setup.exe" -l0x7
Tobit.Software clipinc.fx-->C:\Windows\CISUnins.exe "C:\Program Files\Tobit ClipInc\Server\CISUnins.inf"
Tomb Raider Level Editor-->C:\Windows\IsUn0407.exe -f"C:\Program Files\Core Design\trle\Uninst.isu"
Ulead DVD MovieFactory 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF164702-AF8B-4F2F-8038-74A4C536866B}\setup.exe" -l0x7
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe" -l0x7
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Vodafone Mobile Connect Lite-->MsiExec.exe /X{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WISO Mein Geld 2008 Professional-->MsiExec.exe /I{D8D22773-14BF-4178-A683-3DBA515C2A26}
======Hosts File======
85.214.119.72 www.google.de
85.214.119.72 google.de
======Security center information======
AS: Windows Defender
AS: SUPERAntiSpyware
======System event log======
Computer Name: Saskia-PC
Event Code: 10029
Message: DCOM hat den Dienst swprv mit den Argumenten "" gestartet, um den Server auszuführen:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
Record Number: 233854
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20100914212637.000000-000
Event Type: Informationen
User:
Computer Name: Saskia-PC
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 233855
Source Name: Service Control Manager
Time Written: 20100914212637.000000-000
Event Type: Informationen
User:
Computer Name: Saskia-PC
Event Code: 7036
Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Beendet".
Record Number: 233856
Source Name: Service Control Manager
Time Written: 20100914213056.000000-000
Event Type: Informationen
User:
Computer Name: Saskia-PC
Event Code: 7036
Message: Dienst "Windows Modules Installer" befindet sich jetzt im Status "Beendet".
Record Number: 233857
Source Name: Service Control Manager
Time Written: 20100914213344.000000-000
Event Type: Informationen
User:
Computer Name: Saskia-PC
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Beendet".
Record Number: 233858
Source Name: Service Control Manager
Time Written: 20100914213356.000000-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: Saskia-PC
Event Code: 8194
Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = ).
Record Number: 157500
Source Name: System Restore
Time Written: 20100914212938.000000-000
Event Type: Informationen
User:
Computer Name: Saskia-PC
Event Code: 11724
Message: Produkt: Java(TM) 6 Update 5 -- Das Entfernen wurde abgeschlossen.
Record Number: 157501
Source Name: MsiInstaller
Time Written: 20100914212938.000000-000
Event Type: Informationen
User: Saskia-PC\Saskia
Computer Name: Saskia-PC
Event Code: 1034
Message: Das Produkt wurde durch Windows Installer deinstalliert. Produktname: Java(TM) 6 Update 5. Produktversion: 1.6.0.50. Produktsprache: 1031. Erfolg- bzw. Fehlerstatus der Deinstallation: 0.
Record Number: 157502
Source Name: MsiInstaller
Time Written: 20100914212938.000000-000
Event Type: Informationen
User: Saskia-PC\Saskia
Computer Name: Saskia-PC
Event Code: 10001
Message: Sitzung wird beendet: 1. 2010-09-14T21:28:52.424Z wird gestartet.
Record Number: 157503
Source Name: Microsoft-Windows-RestartManager
Time Written: 20100914212938.776200-000
Event Type: Informationen
User: Saskia-PC\Saskia
Computer Name: Saskia-PC
Event Code: 8224
Message: Der VSS-Dienst wird aufgrund eines Leerlaufzeitlimits heruntergefahren.
Record Number: 157504
Source Name: VSS
Time Written: 20100914213054.000000-000
Event Type: Informationen
User:
=====Security event log=====
Computer Name: Saskia-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.
Dateiname: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 69636
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100914213502.298200-000
Event Type: Überwachung gescheitert
User:
Computer Name: Saskia-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.
Dateiname: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 69637
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100914213502.547200-000
Event Type: Überwachung gescheitert
User:
Computer Name: Saskia-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.
Dateiname: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 69638
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100914213502.997200-000
Event Type: Überwachung gescheitert
User:
Computer Name: Saskia-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.
Dateiname: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 69639
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100914213503.370200-000
Event Type: Überwachung gescheitert
User:
Computer Name: Saskia-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.
Dateiname: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 69640
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100914213504.002200-000
Event Type: Überwachung gescheitert
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------
log.txt [code] RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by Saskia at 2010-09-14 23:34:23 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 104 GB (49%) free of 212 GB Total RAM: 3062 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:35:06, on 14.09.2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18498) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Windows\FixCamera.exe C:\Windows\vsnpstd3.exe C:\Windows\tsnpstd3.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Windows\System32\p2phost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\System32\mobsync.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Saskia\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\system32\wuauclt.exe C:\Users\Saskia\Downloads\RSIT.exe C:\Program Files\trend micro\Saskia.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: 85.214.119.72 www.google.de O1 - Hosts: 85.214.119.72 google.de O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360 Online\osCheck.exe" O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\\HomeCinema\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [T-Home Dialerschutz-Software] "C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe" O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Google Update] "C:\Users\Saskia\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Microsoft Office.lnk = C:\MSOffice\Office10\OSA.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\MSOFFICE\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU) O16 - DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatisches LiveUpdate - Scheduler (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: T-Home Dialerschutz Dienst (DFSVC) - T-Systems International GmbH - C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe O23 - Service: GnabService - Empolis GmbH - c:\program files\common files\gnab\service\servicecontroller.exe O23 - Service: Google Update Service (gupdate1c9cdafc0fd0cb0) (gupdate1c9cdafc0fd0cb0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 14874 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3582155803-2563737378-4168501966-1003UA.job C:\Windows\tasks\User_Feed_Synchronization-{0A874C5B-778F-4863-AAB3-007E5A1B8F95}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll [2009-03-31 357744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-05-25 116088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2010-08-26 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-07 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-26 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}] Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [2009-03-31 357744] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-01 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-01 166424] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-01 133656] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-01 6025216] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-31 102400] "LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2007-09-01 32768] "HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2007-09-06 188416] "CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [] "LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224] "Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2007-09-07 86016] "toolbar_eula_launcher"=C:\Program Files\GoogleEULA\EULALauncher.exe [2007-02-09 16896] "NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2004-02-13 155648] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248] "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632] "PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-03-14 198160] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048] "osCheck"=C:\Program Files\Norton 360 Online\osCheck.exe [2008-02-27 988512] "UCam_Menu"=C:\Program Files\\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440] "MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-07-04 2072576] "T-Home Dialerschutz-Software"=C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe [2010-03-29 1411720] "FixCamera"=C:\Windows\FixCamera.exe [2007-07-11 20480] "snpstd3"=C:\Windows\vsnpstd3.exe [2007-05-10 835584] "tsnpstd3"=C:\Windows\tsnpstd3.exe [2009-07-29 356352] "DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "ClipIncSrvTray"=C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe [2009-03-16 668424] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952] "CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-21 192000] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-31 39408] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent [] "Google Update"=C:\Users\Saskia\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-17 136176] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-01-05 2002160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\MSOffice\Office10\OSA.EXE C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-03-25 204800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-09-14 23:34:26 ----D---- C:\Program Files\trend micro 2010-09-14 23:34:23 ----D---- C:\rsit 2010-09-14 19:04:16 ----D---- C:\Program Files\CCleaner 2010-09-13 17:36:25 ----D---- C:\Users\Saskia\AppData\Roaming\Malwarebytes 2010-09-13 17:36:14 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-09-13 17:36:13 ----D---- C:\ProgramData\Malwarebytes 2010-09-13 17:36:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-09-13 17:36:12 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-09-13 17:16:52 ----D---- C:\Program Files\Emsisoft Anti-Malware 2010-09-12 21:02:04 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-09-12 21:01:28 ----D---- C:\Users\Saskia\AppData\Roaming\SUPERAntiSpyware.com 2010-09-12 21:01:28 ----D---- C:\Program Files\SUPERAntiSpyware 2010-09-12 21:00:18 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-09-12 19:20:59 ----D---- C:\Users\Saskia\AppData\Roaming\FunkyEmoticons 2010-09-12 18:31:35 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-09-12 18:31:35 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-09-05 16:04:29 ----SHD---- C:\Config.Msi 2010-09-01 16:41:45 ----D---- C:\ProgramData\ashampoo 2010-09-01 16:24:43 ----D---- C:\Users\Saskia\AppData\Roaming\Canneverbe Limited 2010-09-01 16:24:43 ----D---- C:\ProgramData\Canneverbe Limited 2010-09-01 16:24:26 ----D---- C:\Program Files\CDBurnerXP 2010-08-30 21:07:15 ----D---- C:\ProgramData\DivX 2010-08-26 20:04:57 ----D---- C:\ProgramData\Sun 2010-08-26 20:04:09 ----A---- C:\Windows\system32\deployJava1.dll 2010-08-26 20:04:08 ----A---- C:\Windows\system32\javaws.exe 2010-08-26 20:04:08 ----A---- C:\Windows\system32\javaw.exe 2010-08-26 20:04:08 ----A---- C:\Windows\system32\java.exe 2010-08-16 15:28:02 ----A---- C:\Windows\cdplayer.ini 2010-08-16 14:06:40 ----D---- C:\Program Files\audiograbber 2010-08-16 14:06:13 ----D---- C:\Windows\uninstall ======List of files/folders modified in the last 1 months====== 2010-09-14 23:34:29 ----D---- C:\Windows\Temp 2010-09-14 23:34:26 ----D---- C:\Program Files 2010-09-14 23:29:38 ----SHD---- C:\Windows\Installer 2010-09-14 23:29:26 ----D---- C:\Program Files\Common Files\Java 2010-09-14 23:29:12 ----D---- C:\Windows\System32 2010-09-14 23:26:52 ----SHD---- C:\System Volume Information 2010-09-14 23:24:41 ----D---- C:\Program Files\Common Files\Adobe 2010-09-14 23:24:33 ----D---- C:\ProgramData\Adobe 2010-09-14 23:24:16 ----D---- C:\Program Files\Adobe 2010-09-14 23:23:45 ----D---- C:\Windows\winsxs 2010-09-14 23:23:11 ----D---- C:\Windows\Prefetch 2010-09-14 22:44:42 ----D---- C:\Users\Saskia\AppData\Roaming\Skype 2010-09-14 22:43:14 ----D---- C:\Windows 2010-09-14 19:10:41 ----D---- C:\Program Files\Lula 3D 2010-09-14 16:22:24 ----D---- C:\Users\Saskia\AppData\Roaming\skypePM 2010-09-14 00:15:05 ----D---- C:\Program Files\FunkyEmoticons 2010-09-13 17:36:14 ----D---- C:\Windows\system32\drivers 2010-09-13 17:36:13 ----D---- C:\ProgramData 2010-09-13 17:03:57 ----D---- C:\Program Files\SweetIM 2010-09-12 21:00:18 ----D---- C:\Program Files\Common Files 2010-09-12 19:59:29 ----RD---- C:\Users 2010-09-12 18:47:23 ----D---- C:\Program Files\DAEMON Tools Toolbar 2010-09-12 18:43:33 ----AD---- C:\ProgramData\Temp 2010-09-08 17:47:23 ----D---- C:\Windows\inf 2010-09-08 17:47:23 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-09-08 16:36:20 ----D---- C:\Program Files\Microsoft Silverlight 2010-09-01 16:42:30 ----D---- C:\Users\Saskia\AppData\Roaming\Ashampoo 2010-09-01 10:18:00 ----D---- C:\Windows\system32\catroot2 2010-08-31 20:59:22 ----D---- C:\Users\Saskia\AppData\Roaming\DivX 2010-08-30 21:15:22 ----D---- C:\Program Files\DivX 2010-08-30 21:15:18 ----D---- C:\Program Files\Common Files\DivX Shared 2010-08-26 20:03:39 ----D---- C:\Program Files\Java ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248] R0 Si3531;SiI-3531 SATA Controller; C:\Windows\system32\DRIVERS\Si3531.sys [2007-06-01 210736] R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2007-05-25 17328] R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2007-05-25 12464] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-10-12 717296] R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [2010-09-13 41816] R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-26 371248] R1 Hotkey;Hotkey; C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20100908.001\IDSvix86.sys [2010-06-23 281648] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-01-05 9968] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-01-05 74480] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2009-03-17 447024] R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2008-02-01 43696] R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 24112] R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-02-19 184496] R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-09 36056] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-09-13 71008] R3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888] R3 DFSYS;T-Home Dialerschutz Hooking Treiber; \??\C:\Program Files\T-Online\Dialerschutz-Software\DFSYS.SYS [2009-10-15 14624] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-26 102448] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-25 2307072] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-01 2113624] R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100914.016\NAVENG.SYS [2010-07-13 85424] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100914.016\NAVEX15.SYS [2010-07-13 1362608] R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2007-11-21 327168] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408] R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2008-01-03 59392] R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-01-05 7408] R3 SipIMNDI;T-Home Dialerschutz VoIP Service; C:\Windows\system32\DRIVERS\SipIMNDI.sys [2009-10-15 24352] R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2010-05-04 10552320] R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2008-02-01 279088] R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-02-19 13616] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-06-03 124464] R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-02-19 96560] R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008] R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-31 192688] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S3 a70x95rl;a70x95rl; C:\Windows\system32\drivers\a70x95rl.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\Windows\System32\Drivers\BrSerIf.sys [2006-09-03 53248] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-02-25 101504] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2008-02-01 317616] S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-09-13 1935656] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Automatic LiveUpdate Scheduler;Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-22 238968] R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ClipInc001;ClipInc 001; C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe [2009-05-27 2230024] R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 DFSVC;T-Home Dialerschutz Dienst; C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe [2009-10-21 288768] R2 GnabService;GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [2007-04-19 36864] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704] R2 srvcPVR;Sceneo PVR Service; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [2008-02-28 1801216] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-06-14 61440] R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336] R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568] R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-05-25 1245064] R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2007-09-11 118784] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1c9cdafc0fd0cb0;Google Update Service (gupdate1c9cdafc0fd0cb0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-05 133104] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312] S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 55640] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-31 182768] S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864] S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] -----------------EOF----------------- die unter 1. vorgeschlagenen Task änderungen habe ich nicht machen können, da ich es nicht geschafft habe den Ordner wie beschrieben ausfindig zu machen. Habe nur Anleitungen für WinXP gefunden. |
|
15.09.2010, 21:12
| #8 |
| /// Helfer-Team | Win32.Agent.fbx auf dem Rechner 1. unnötige Systembelastung! kannst deinstallieren: Malwarebytes SuperAntiSpyware 2. Lade dir HostsXpert auf dem Desktop speichern & und entpacken
3. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O16 - DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
Wie lange dauert die Startvorgang? Wenn du auf der Stelle ein schnelleres System haben möchtest: - Beim Hochfahren von Windows werden einige Programme mit gestartet, die sich (mit oder ohne Zustimmung des Users) im Autostart eingetragen haben - Je mehr Programme hier aufgeführt sind, umso langsamer startet Windows. Deshalb kann es sinnvoll sein, Software die man nicht unbedingt immer benötigt, aus dem Autostart zu entfernen. "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK" it-academy.cc pqtuning.de Laden von Programmen beim Start von Windows Vista verhindern - Bei allem Häkchen weg was nicht starten soll, aber immer nur einen deaktivieren (Haken weg), also Schrittweise -> Neustart... - Wird noch nach dem nächsten Neustart ein Hinweisfenster erscheinen, da ist ein Haken setzen : `Meldung nicht mehr anzeigen und dieses Programm beim Windows-Star nicht mehr starten` (Du kannst es jederzeit Rückgängig machen wenn du den Haken wieder reinmachst.) - Falls Du mal brauchst, manueller Start jederzeit möglich - Autostart-Einträge die Du nicht findest, kannst mit HJT fixen - Unter 04_Sektion - (*HijackThis Tutorial in German*): Alle Programme, Browser etc schließen→ HijackTis starten→ "Do a system scan only" anklicken→ Eintrag auswählen→ "Fix checked"klicken→ PC neu aufstarten HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter Du solltest nicht deaktivieren :
Grafiktreibers
Firewall
Antivirenprogramm
Sound
Gleich ein paar Vorschläge: Ohne zu bedenken deaktivieren: Code:
ATTFilter O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\\HomeCinema\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Saskia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\MSOffice\Office10\OSA.EXE
Code:
ATTFilter O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [T-Home Dialerschutz-Software] "C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe"
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
mit HijackThis fixen: Code:
ATTFilter 08-09-18 Einträge - alle
016 auch - sind ActiveX Komponente, bei Bedarf wird erneut installiert, ansonsten sind nur Risikofaktoren
- Überflüssige Dienste belasten nur den Prozessor und Arbeitsspeicher, daher ist es empfehlenswert solche Dienste ganz einfach abschalten: Code:
ATTFilter O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1c9cdafc0fd0cb0) (gupdate1c9cdafc0fd0cb0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe mit der rechten Maustaste auf den Dienstnamen klicken→ wähle `Eigenschaften`→ `Starttyp`→ Deaktiviert, damit wird der Dienst ruhiggestellt. Den Dienst erst dann nur starten, wenn ein Programm ihn benötigt. 7. poste erneut - nach der vorgenommenen Reinigungsaktion: ► TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! |
|
15.09.2010, 21:21
| #9 |
| | Win32.Agent.fbx auf dem Rechner Ok danke werde ich versuchen alles durchzuführen.. Nur eine Frage noch: Was ist nun mit meinen Trojanern? Google funktioniert immer noch nicht (es wird immernoch eine andere Seite angezeigt) |
|
15.09.2010, 21:58
| #10 | |
| /// Helfer-Team | Win32.Agent.fbx auf dem Rechner es geht noch natürlich weiter, fertig sind wir noch nicht Zitat:
> starten. Geändert von kira (15.09.2010 um 22:08 Uhr) |
|
| Themen zu Win32.Agent.fbx auf dem Rechner |
| antimalware, bericht, bli, computer, computern, einfach, einstellungen, entfernen, festgestellt, firefox, frage, infos, install, microsoft, nicht mehr, plugins, rechner, search, software, spybot, spybot search and destroy, superantispyware, trojaner, version, wenig ahnung, win, win32.agent.fbx, windows |
Linear-Darstellung
