Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder

Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder


Plagegeister aller Art und deren Bekämpfung: Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.09.2010, 21:00   #1
Nuari
 
Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder - Standard

Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder


Hallo,
leider brauche ich mal wieder eure Hilfe.

Seit ca. 3 Tagen haben wir beim Hochfahren des Laptops ständig "Bluesreens". Nach einigen Versuchen klappt es irgendwann, dass der Laptop hochgefahren ist, was wir jetzt reduzieren, bevor gar nichts mehr geht. Es kommen auch irgendwelche Windows-Fehlermeldungen, die ich noch nie gesehen habe (kann sie leider auch nicht wiedergeben)

Unser Virenprogramm McAfee zeigt nichts an. Aber SUPERAntiSpyware hat mehrere Adware und einen Trojan.Agent/Gen-Frauder gefunden.
Die Internetverdindung bekomme ich auch nicht immer gleich zustande und der Explorer schließt sich des öfteren wegen eines Fehlers, weswegen ich das ganze hier zum wiederholten Male schreiben muss *grrr*
Alles in Allem funktioniert fast gar nichts mehr richtig.

Ich hoffe ihr könnt mir helfen.

Gruß Anne

Hier der Malware-Report:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4717

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

29.09.2010 19:24:32
mbam-log-2010-09-29 (19-24-32).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 150932
Laufzeit: 10 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

und hier die beiden Logdateien von ODL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.09.2010 19:50:56 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Anne\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 6,75 Gb Free Space | 6,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MARC-PC
Current User Name: Anne
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Anne\Desktop\OTL by Oldtimer.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe (McAfee)
PRC - C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Anne\Desktop\OTL by Oldtimer.exe (OldTimer Tools)
MOD - c:\PROGRA~1\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (mcmscsvc) -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MBackMonitor) -- C:\Program Files\McAfee\MBK\MBackMonitor.exe (McAfee)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Anne\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (ACEDRV07) -- C:\Windows\System32\drivers\ACEDRV07.sys (Protect Software GmbH)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (SiFilter) -- C:\Windows\system32\drivers\siwinacc.sys (Silicon Image, Inc.)
DRV - (SiRemFil) -- C:\Windows\system32\drivers\siremfil.sys (Silicon Image, Inc.)
DRV - (SI3132) -- C:\Windows\system32\DRIVERS\SI3132.sys (Silicon Image, Inc.)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (SonyImgF) -- C:\Windows\System32\drivers\SonyImgF.sys (Sony Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aol.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.07.03 20:33:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.29 21:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.27 12:19:35 | 000,000,000 | ---D | M]
 
[2008.08.19 16:43:16 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\mozilla\Extensions
[2010.09.27 10:24:20 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\mozilla\Firefox\Profiles\qc82bxfd.default\extensions
[2009.09.06 15:12:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Anne\AppData\Roaming\mozilla\Firefox\Profiles\qc82bxfd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.24 16:25:09 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-1.xml
[2009.12.09 23:19:09 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-2.xml
[2010.01.11 20:41:41 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-3.xml
[2010.01.13 20:22:34 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-4.xml
[2010.02.25 19:07:45 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-5.xml
[2010.05.29 21:49:42 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-6.xml
[2010.05.30 19:17:10 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin-7.xml
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\FireFox\Profiles\qc82bxfd.default\searchplugins\icqplugin.xml
[2010.05.21 17:20:38 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.10.30 17:07:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.21 17:20:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.21 17:20:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.02 18:23:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.12.02 18:23:12 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.12.02 18:23:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.12.02 18:23:13 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.12.02 18:23:13 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.05.12 23:37:30 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe (McAfee)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.191.74.11 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6729dedc-86d1-11df-bdbf-ea42bbaaf3ca}\Shell\AutoRun\command - "" = G:\Get_Started_for_Win.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Get_Started_for_Win.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.29 19:17:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL by Oldtimer.exe
[2010.09.29 16:36:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.26 18:21:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS
[2010.09.26 18:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2010.09.26 18:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.09.26 18:21:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0207030.022
[2010.09.26 18:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.09.26 18:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010.09.24 16:30:20 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2010.09.24 16:28:59 | 000,000,000 | ---D | C] -- C:\Tivola
[2010.09.15 17:56:33 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.29 19:50:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{15A120CC-DE56-4CA8-A7F1-B6A324B7FAC3}.job
[2010.09.29 19:49:43 | 003,145,728 | -HS- | M] () -- C:\Users\Anne\ntuser.dat
[2010.09.29 19:17:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL by Oldtimer.exe
[2010.09.29 18:37:38 | 000,005,789 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010.09.29 18:03:00 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.29 18:02:59 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.09.29 18:02:59 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.29 18:02:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.29 18:02:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.29 18:01:52 | 185,009,911 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.09.29 14:21:39 | 000,524,288 | -HS- | M] () -- C:\Users\Anne\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.29 14:21:39 | 000,065,536 | -HS- | M] () -- C:\Users\Anne\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.29 00:23:21 | 002,198,337 | -H-- | M] () -- C:\Users\Anne\AppData\Local\IconCache.db
[2010.09.29 00:21:08 | 000,039,936 | ---- | M] () -- C:\Users\Anne\Desktop\Wochenenddienstplan_Gr.2-2011.xls
[2010.09.28 19:10:50 | 000,000,846 | ---- | M] () -- C:\Users\Anne\Desktop\CCleaner.lnk
[2010.09.27 19:47:11 | 001,720,004 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.27 19:47:11 | 000,732,836 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.27 19:47:11 | 000,682,392 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.27 19:47:11 | 000,170,910 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.27 19:47:11 | 000,138,830 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.27 12:19:35 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.09.26 20:01:41 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Anne.job
[2010.09.26 18:21:36 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010.09.26 18:21:27 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini
[2010.09.26 13:08:35 | 000,001,430 | ---- | M] () -- C:\Users\Anne\Desktop\DivX Movies.lnk
[2010.09.26 13:07:20 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.24 16:30:20 | 000,000,736 | ---- | M] () -- C:\Users\Anne\Desktop\Abenteuer Stadt.lnk
[2010.09.22 14:04:57 | 000,002,032 | ---- | M] () -- C:\Users\Anne\AppData\Local\d3d9caps.dat
[2010.09.18 10:10:59 | 001,325,716 | ---- | M] () -- C:\Users\Anne\Desktop\Einführung Tauchen.pdf
[2010.09.15 13:26:01 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010.09.05 12:35:22 | 000,022,528 | ---- | M] () -- C:\Users\Anne\Desktop\Handyrechnung Mutter.xls
[2010.09.01 08:48:54 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
 
========== Files Created - No Company Name ==========
 
[2010.09.29 00:21:06 | 000,039,936 | ---- | C] () -- C:\Users\Anne\Desktop\Wochenenddienstplan_Gr.2-2011.xls
[2010.09.28 23:48:45 | 185,009,911 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.09.27 02:31:39 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.09.26 18:21:39 | 000,000,472 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Anne.job
[2010.09.26 18:21:35 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010.09.26 18:21:27 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini
[2010.09.26 13:07:20 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.24 16:30:20 | 000,000,736 | ---- | C] () -- C:\Users\Anne\Desktop\Abenteuer Stadt.lnk
[2010.09.18 10:11:15 | 001,325,716 | ---- | C] () -- C:\Users\Anne\Desktop\Einführung Tauchen.pdf
[2010.09.05 11:01:06 | 000,022,528 | ---- | C] () -- C:\Users\Anne\Desktop\Handyrechnung Mutter.xls
[2010.05.12 13:26:11 | 000,000,625 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.08.04 23:25:07 | 000,000,552 | ---- | C] () -- C:\Users\Anne\AppData\Local\d3d8caps.dat
[2009.07.10 11:56:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.02.26 22:36:43 | 000,006,314 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.12.02 22:30:34 | 000,000,092 | ---- | C] () -- C:\Users\Anne\AppData\Local\fusioncache.dat
[2008.07.03 23:30:58 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2008.07.03 23:30:57 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2008.07.03 23:30:57 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2008.07.03 23:30:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2007.12.20 18:46:49 | 000,022,328 | ---- | C] () -- C:\Users\Anne\AppData\Roaming\PnkBstrK.sys
[2007.10.20 15:29:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.09.21 20:04:31 | 000,007,886 | ---- | C] () -- C:\Users\Anne\AppData\Roaming\wklnhst.dat
[2007.09.01 19:55:34 | 000,090,624 | ---- | C] () -- C:\Users\Anne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.29 19:58:13 | 000,002,032 | ---- | C] () -- C:\Users\Anne\AppData\Local\d3d9caps.dat
[2007.06.19 09:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.04.20 08:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.12.22 21:59:14 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2006.12.22 21:48:41 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2006.12.22 21:44:18 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2006.12.22 21:38:51 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2006.12.01 10:24:02 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2006.11.09 11:42:54 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.08 16:02:38 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.11.08 16:02:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.31 18:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.08.10 16:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2005.07.22 22:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[1999.01.22 20:46:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
 
========== LOP Check ==========
 
[2008.11.10 22:53:51 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Alawar
[2009.01.27 12:49:14 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Atari
[2009.05.11 19:40:44 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\CoSoSys
[2010.09.29 17:01:54 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\ICQ
[2007.10.24 21:29:23 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\ICQ Toolbar
[2007.09.30 17:35:16 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\ICQLite
[2010.01.05 01:25:13 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Image Zone Express
[2008.10.03 17:22:58 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\InterVideo
[2009.11.28 20:53:48 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\LG Electronics
[2008.04.11 11:36:00 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Opera
[2009.07.17 19:51:57 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Printer Info Cache
[2008.11.10 20:59:26 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\PTV Game
[2010.05.25 11:36:08 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\SumatraPDF
[2010.09.12 16:42:11 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\temp
[2007.09.21 20:05:05 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Template
[2009.01.12 15:27:19 | 000,000,000 | ---D | M] -- C:\Users\Anne\AppData\Roaming\Wildlife Park 2
[2010.09.15 13:26:01 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2010.09.01 08:48:54 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010.09.29 14:21:41 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.29 19:50:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{15A120CC-DE56-4CA8-A7F1-B6A324B7FAC3}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 29.09.2010 19:50:56 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Anne\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 6,75 Gb Free Space | 6,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MARC-PC
Current User Name: Anne
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0141EDB0-F960-4172-8804-B45B3A232AF7}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe | 
"{1F2BCF97-3B63-43ED-A967-45E7B3EB1A79}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{206F1429-4A88-4892-8AFD-4F55A879F9E3}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2CA950DA-D07A-401B-94B1-00971756F81D}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{2FE04B2E-8852-468C-B196-A1C2C1F8738E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe | 
"{41A9ED02-183F-413A-863A-C3FD2CF56199}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{43C67D2C-93F6-45CB-AD6B-679557A0A4B1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4631936B-86E4-4874-AD7E-08AA514BE214}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{47228324-D5D5-46F6-B118-B5A112BD19A4}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe | 
"{5140A2D5-B875-4204-8861-9C6A5FA737F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5D4009C5-2E18-43FA-BD3D-7A5C3BAC3285}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{651D9F11-EACB-4F6F-8E4E-84BA9D0D479D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{71ECEB4B-8BA8-40A3-8A43-877EA060EA23}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8D6F06F9-D075-4B3C-BE10-EE161FB43399}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe | 
"{8F0BD98C-19AA-4128-933D-9F2C5B9D914C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{94F08B2E-5D5B-409B-8834-E453152D6231}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{959313ED-3B20-4DBD-B96C-8CBE72353C98}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9895AE91-A12D-4333-8BC4-DAA499F0786B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{A729F6A6-4818-4E52-B291-234775EDF72E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B0B5536D-07C2-4495-8310-87F4784B286F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B451B642-36C0-4958-88DB-AFCCFC76AA1E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BD16ADA6-DC8C-4F77-8412-CA6B38BE7B31}" = lport=445 | protocol=6 | dir=in | app=system | 
"{CCC25534-C0E3-4932-8591-8C0F9072C4D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{CDE06401-43F0-40F0-AED9-61C59149F50A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{CE0A00FB-87ED-4D89-95B2-1B5061A30643}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D03BB095-81B4-479D-8C53-F125BB48DFC1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E6661A68-D8EB-451A-9377-649D59423F63}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E7E650D8-8902-4DF3-97D4-EEE95B7FB120}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{E8F328FB-DD77-4A9E-9FA7-E0EFC9F4AF39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FB6E9ED1-027A-47A3-9ABF-876F3B03C16C}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DF6CFA-40D9-4F6E-812E-244ADD190DBA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{01F765A1-51AC-4FE2-B4D6-82B9F796A45A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0934A995-5E1D-40C5-8C76-F57662C645B3}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{0C1A4BFC-9245-4B8C-8BBC-62F0B881B795}" = protocol=6 | dir=out | app=system | 
"{12FED8DC-4327-4852-90A9-6C030F1C8076}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1BE306BD-B0AF-4FE8-9AB4-B91672B9C59A}" = protocol=6 | dir=in | app=k:\spiele\unrealengine3\binaries\moha.exe | 
"{1DE5A667-C9B2-42D1-899E-B9EF26285B35}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{1E4543BB-B0D4-4EF2-8F3A-F6C2CAA1337E}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1F1B7C13-3500-4A57-83E7-22258EF223CB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{21BA97E3-3912-4B1A-BC8F-95E869F7BA48}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{2D6EE771-09AB-418C-A907-213BABBCADF7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{38977865-B776-4C23-8F96-916D5FF2022F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{38B3FCB6-8660-47CB-A596-F6F8C5DD2FFB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3AF93B63-2332-4DBA-8179-189AA9B6883C}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{3F151DB8-CB22-42F4-A71C-5D0CEB191CE5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{42CC82C8-2E6B-40BC-9F80-6950136DBDAB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{466FB82E-8856-43EC-AD4F-9566F31A6C50}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{470617E8-BBC3-43B2-97AD-D70B94D51ECE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\silent hill homecoming\bin\silenthill.exe | 
"{47DA29F6-350E-4B10-87F8-33A543052EA0}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4BC438A4-EBE2-4DDA-934E-AA101BF0EBD1}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{4DF8AE98-2C7B-4264-94C3-702485656403}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{528473FB-D777-470F-97E0-18DE3EB034CA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\silent hill homecoming\bin\silenthill.exe | 
"{56EC9C8F-DDA4-43F5-BFFD-B179C45BCDCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{660673FA-7965-4957-BA4A-EFD96BC6C499}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{66D6A128-2489-401E-8DA4-5AD9F4FBA5CA}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{68F548E5-FE33-4889-BB29-DE409C695386}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6E2FA903-96EC-4C86-AACE-D47569627ADE}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{719B336D-4A89-4DC1-AE97-D503B6CBB8CA}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 
"{72B391EA-350C-4AF4-84CE-E067857BB4D5}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{7BC495E8-9028-46B3-BEA4-C094F1AB9B2D}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{7DC6A0BE-92C8-4C2A-B988-766BEA24E577}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8774E354-9337-4169-AEE6-9E0ED2EB756A}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{89F67C38-4681-4EA9-8B2D-394F76E63B6B}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | 
"{8EA2BA9A-EEE5-4838-9856-E76823E77204}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{8F1390D7-20DD-4F71-A31C-95FF949E0031}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8FAD7E95-34F5-40E9-B2B1-D13E708B14D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{965EC27F-A33D-4944-9635-B90D07FF64D3}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 
"{96CE558F-7A8F-4ED4-A8F1-5888117ECBB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9D27720D-A072-4C83-A49D-4F85F39F05C0}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{A5F0F7A4-760A-4B1E-93EB-7C1E0A749692}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{A60A0443-36D7-4E5D-B6B4-794CFC8ADE2E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{ABBF4276-7C41-4245-8DBA-9FD3DFFC7355}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{AD9CE05B-8592-4136-9CEC-56D760E64749}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{B1F9FA6E-E0F1-45E4-A772-E18DCD96E036}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B4C26E50-97F8-422C-B368-8B3A24A7E349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B5AC7D36-CDC4-4A87-AE35-C03F49F42D6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B76C387E-F4CF-4559-80C9-09C892FFCB7D}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 
"{CF63EF43-9E90-451A-A6E4-08B4A51E04A0}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{D26C2798-68E4-410F-BC60-C1CA77A11255}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E32F4DD7-F9EF-43C8-900F-B00F87733314}" = protocol=6 | dir=out | app=system | 
"{E7E34E0E-74DC-4621-B066-7E15046B796E}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{EA746E8A-D78F-46AD-BB88-A98E2EB525C1}" = protocol=17 | dir=in | app=k:\spiele\unrealengine3\binaries\moha.exe | 
"{F30C496E-16AA-401D-BDAA-7367B6CF0852}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 
"{FAC39D9D-26A3-4B42-9251-EDCE7B23E862}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{FD7BA1F4-65E2-42D8-B3E6-C22511F02535}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"TCP Query User{08F15A51-F56B-4806-9750-7C5A00915B2A}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"TCP Query User{0F82C4F6-5137-4678-9C2E-9C475C6E7698}C:\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
"TCP Query User{3C9CB928-5274-4B86-918D-F121F30957C2}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"TCP Query User{41F8FF9A-E754-4197-A181-07C122107456}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{4B71AA99-3C8A-4C25-9417-754C4888EBD9}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"TCP Query User{4E9E2498-84A8-4EA8-BA51-82FE9EFFC4AD}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{85D0BB6C-00A7-4157-8D74-1B30BA151771}C:\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
"TCP Query User{9BD2CAB1-D359-4228-BF86-C886C6FD7165}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"TCP Query User{A1E0452E-A800-4479-A94B-FD5A994DEBB8}K:\spiele marc\mohpa.exe" = protocol=6 | dir=in | app=k:\spiele marc\mohpa.exe | 
"TCP Query User{A69C32EA-7AE5-49B1-97B4-4D462B5ADA56}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe | 
"TCP Query User{D12E3683-DABF-47AB-AD67-B5B12B1FBF95}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{D1F18FD1-22AE-4A35-9C09-172266AB94E0}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{E2903D0C-9A2E-45B1-AD5A-DF7C7D848E42}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{FF51C641-9D11-4490-B4D0-0630AB0AA7B2}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{131D1105-E9E5-4B7B-825C-5DA043D0BAB8}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{2BEEB9F6-7898-4305-BAB2-1C5400053AE4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{43F61BBF-0EF3-44CE-A262-2EAF0BF574EA}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{50B42948-025E-4794-A238-8E6C4348DAC9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{598AF476-F7DE-4033-BED4-F71BB3B5B5BB}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"UDP Query User{69305D07-EB96-471F-A7EC-31CCF0F58B9A}K:\spiele marc\mohpa.exe" = protocol=17 | dir=in | app=k:\spiele marc\mohpa.exe | 
"UDP Query User{7154165B-8E16-4943-AE3D-CAD7B4640C0D}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"UDP Query User{A3972A2E-8CE7-4FEE-A610-B52032A1B841}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{AADBEFA2-8B0E-4285-B024-457FDBF5DB4D}C:\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
"UDP Query User{AB630CDF-AF47-442E-8274-21599DF66D78}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 
"UDP Query User{B2A25010-496A-4DBC-BBDD-E48F167AF2DB}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{D4D94143-6833-4913-BB63-6DAF72A59827}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"UDP Query User{DD79E6BA-B979-46A6-B44C-6B6A2259DE43}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe | 
"UDP Query User{E0855FDB-5ADA-48BC-8537-8D9F47C8B927}C:\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D410F4D-9009-43F8-9DF1-BDADCE7FC43F}" = AAVUpdateManager
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{23DD6DAA-DDEF-41F5-A527-CECF07FA2CAF}" = 1500
"{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F0F82CF-F03A-4681-8606-C4FB3AE30E3A}" = Adobe Photoshop Elements 5.0.2 Patcher
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" = 
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" = 
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}" = Medal of Honor Allied Assault(tm) Spearhead
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{97260AE9-A1EE-492E-8DCC-FD0AFF785720}" = 
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.4 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C183A21C-395A-490F-99D4-CCAB35E32859}" = 
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2B38044-AEF2-40AF-BDD8-FEDE799A8633}" = 
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"CCleaner" = CCleaner
"City" = Abenteuer Stadt
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DivX Setup.divx.com" = DivX-Setup
"FHMcomCharMarsh_scenes" = FHMcomCharMarsh_scenes Screen Saver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"PROSet" = Intel(R) PRO Network Connections Drivers
"Skype_is1" = Skype 2.5
"Steam App 19000" = Silent Hill Homecoming
"Steuer-Spar-Erklärung 2008 deinstallieren" = Steuer-Spar-Erklärung 2008
"SumatraPDF" = SumatraPDF
"SystemRequirementsLab" = System Requirements Lab
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"XviD_is1" = XviD MPEG-4 Video Codec
"Zulu" = Zulu DJ Software
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.09.2010 08:25:08 | Computer Name = Marc-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: 2b8 Anfangszeit: 01cb5fd1052b8fcf Zeitpunkt
der Beendigung: 17
 
Error - 29.09.2010 08:25:15 | Computer Name = Marc-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung mobsync.exe, Version 6.0.6001.18000, Zeitstempel
0x47918e41, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000374, Fehleroffset 0x000afaf8, Prozess-ID 0x120, Anwendungsstartzeit
01cb5fd15e884d1f.
 
Error - 29.09.2010 08:26:38 | Computer Name = Marc-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.exe, Version 6.0.6002.18005 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: ae8 Anfangszeit: 01cb5fd1806287cf Zeitpunkt
der Beendigung: 12
 
Error - 29.09.2010 12:03:20 | Computer Name = Marc-PC | Source = McLogEvent | ID = 5022
Description = Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. Das Modul hat
folgenden Fehler ausgegeben: 8
 
Error - 29.09.2010 12:08:19 | Computer Name = Marc-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe_Dnscache, Version 6.0.6001.18000,
Zeitstempel 0x47918b89, fehlerhaftes Modul VSSAPI.DLL, Version 6.0.6002.18005, 
Zeitstempel 0x49e0380a, Ausnahmecode 0xc0000005, Fehleroffset 0x0007504a, Prozess-ID
0x62c, Anwendungsstartzeit 01cb5fefbf82a727.
 
Error - 29.09.2010 12:41:06 | Computer Name = Marc-PC | Source = McLogEvent | ID = 5022
Description = Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. Das Modul hat
folgenden Fehler ausgegeben: 8
 
Error - 29.09.2010 12:41:09 | Computer Name = Marc-PC | Source = McLogEvent | ID = 5022
Description = Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. Das Modul hat
folgenden Fehler ausgegeben: 8
 
Error - 29.09.2010 12:57:48 | Computer Name = Marc-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18943, Zeitstempel
0x4c25813d, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18943, Zeitstempel 
0x4c259878, Ausnahmecode 0xc0000096, Fehleroffset 0x001d2013, Prozess-ID 0x1234, 
Anwendungsstartzeit 01cb5ff5b956a5fc.
 
Error - 29.09.2010 12:57:59 | Computer Name = Marc-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18943, Zeitstempel
0x4c25813d, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18943, Zeitstempel 
0x4c259878, Ausnahmecode 0xc0000005, Fehleroffset 0x001d2014, Prozess-ID 0x1644, 
Anwendungsstartzeit 01cb5ff777506aec.
 
Error - 29.09.2010 13:12:57 | Computer Name = Marc-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18943, Zeitstempel
0x4c25813d, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.18943, Zeitstempel 
0x4c259878, Ausnahmecode 0xc0000005, Fehleroffset 0x000f94dd, Prozess-ID 0xfe4, Anwendungsstartzeit
01cb5ff56741c51c.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---
 

Themen zu Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder
32 bit, acroiehelper.dll, adobe, adware, bho, bluescreen, bluesreens, call of duty, components, corp./icp, data restore, defender, error, firefox, firefox.exe, flash player, format, google, home, home premium, iexplore.exe, local\temp, location, logfile, mozilla, nodrives, ntdll.dll, nvlddmkm.sys, nvstor.sys, officejet, oldtimer, otl logfile, phishing, plug-in, programdata, programm, reduzieren, registry, rundll, saver, searchplugins, secure search, security, server, shell32.dll, siteadvisor, skype.exe, software, studio, superantispyware, svchost.exe, system restore, trojan.agent/gen-frauder, udp, vista, vlc media player, world at war


« Antivirus2010 blockiert OTL.exe, malwarebuytes.exe, auch mit anderm Namen | Virus für den Mp3 Player »


Ähnliche Themen: Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder


  1. 2 Trojaner eingefangen durch E-Mail-Anhänge // Trojan-Banker.Win32.Agent.ubo und Trojan.Win32.Yakes.ghny
    Log-Analyse und Auswertung - 19.07.2015 (28)
  2. Trojan.Agent/Gen-Frauder
    Plagegeister aller Art und deren Bekämpfung - 18.11.2013 (5)
  3. trojan.agent/Gen-frauder und trojan.agent/Gen-Reputation gefunden
    Log-Analyse und Auswertung - 02.11.2013 (10)
  4. WinXp Trojan.Agent/Gen-Reputation Stolen.Data Trojan.Agent/Gen-DunDun Win32/Spy.Banker.YPK trojan
    Log-Analyse und Auswertung - 29.10.2013 (7)
  5. Trojan.Ransom.ED, Trojan.Agent.ED, Trojan.FakeMS.PRGen und Bublik b. durch Email erhalten?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (29)
  6. Infektion durch Trojan.Agent.ED, EXP/2012-1723.GE, TR/PSW.Fareit.1142 und weitere Malware
    Plagegeister aller Art und deren Bekämpfung - 19.03.2013 (35)
  7. Win.Trojan.Agent-228583, Win.Trojan.Expiro-1161 und Win.Trojan.Agent-232649
    Plagegeister aller Art und deren Bekämpfung - 13.03.2013 (8)
  8. Infiziert durch: PUP.Adware.Agent u. Trojan.FakeRP
    Log-Analyse und Auswertung - 26.02.2013 (21)
  9. Trojan.Fakesmoke, Trojan.Agent-128337, Trojan.Agent-128287 bei Desinfect 2012 (Clam AV)
    Log-Analyse und Auswertung - 06.02.2013 (17)
  10. Trojaner gefunden: Win 32:Patcher [Trj], Win.Trojan.Agent-36124, Win.Trojan.Agent-44393
    Log-Analyse und Auswertung - 02.02.2013 (7)
  11. TR/ATRAPS.Gen und TR/Kazy durch Antivir gemeldet; ferner Trojan.Agent.MRGGen, Trojan.0Access, Trojan.Dropper.BCMiner
    Plagegeister aller Art und deren Bekämpfung - 03.11.2012 (10)
  12. Trojan.Downloader, Trojan.Agent.VGENX, Trojan.Agent, PUP.Pantsoff.PasswordFinder, TR/spy.banker.gen5
    Log-Analyse und Auswertung - 27.10.2012 (1)
  13. Trojan.Agent Run|Regedit32 nicht durch MWB zu entfernen
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (17)
  14. TR/Crypt.Gypikon.D.1 und Trojan.Agent.H nach Verschlüsselungstrojaner durch E-Mail
    Log-Analyse und Auswertung - 23.05.2012 (9)
  15. Trojan.Agent/Gen-Frauder
    Plagegeister aller Art und deren Bekämpfung - 03.06.2011 (3)
  16. Trojan.Agent/Gen-Frauder laut SUPERAntiSpyware bitte um schnelle antwort
    Log-Analyse und Auswertung - 13.05.2011 (1)
  17. Systemprobleme
    Plagegeister aller Art und deren Bekämpfung - 19.06.2008 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder - Hallo, leider brauche ich mal wieder eure Hilfe. Seit ca. 3 Tagen haben wir beim Hochfahren des Laptops ständig "Bluesreens". Nach einigen Versuchen klappt es irgendwann, dass der Laptop hochgefahren - Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder...
Archiv
Du betrachtest: Bluesreens und Systemprobleme durch Trojan.Agent/Gen-Frauder auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131