| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected ``Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.03.2011, 16:35
| #1 |
 |  TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Hallo Leute , Seit gestern Abend nachdem ich so ein Java update bei mir durchgeführt habe taucht folgendes bei mir auf . -Antivir kommt immer wieder mit der Meldung ,dass es den Trojaner hier gefunden hat : TR/Crypt.XPACK.Gen -Desweiteren kommen solche Windows Meldungen : Windows -Delayed write Filed Windwos was unaeble to save all the data for the file //System32//496A8300.The data has been lost.This error may be caused by a failure of your computer hardware. Hard drive Failure The System has detected a problem with one or more install IDE / SATA Hard disks.It is recommended that you restart the System. Catalyst Control Centre :Host Application funktioniert nicht mehr . Damaged hard drive Clusters detected. Malwarebytes macht grad einen Vollscan und OTL habe ich auch schon gedownloadet . Bin um jede Hilfe dankbar .Ihr seid meine letzte Hoffnung  .lg Soo die Scans mit Malwarebytes und OTL sind abgeschlossen hier die Logs: Malwarebytes: Malwarebytes Datenbank Version: 6169 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 25.03.2011 16:51:58 mbam-log-2011-03-25 (16-51-39).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 288327 Laufzeit: 49 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 3 Infizierte Speicherprozesse: c:\programdata\scrrtwxnjagi.exe (Trojan.Downloader) -> 2788 -> No action taken. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sCRrtWXnjAgI (Trojan.Downloader) -> Value: sCRrtWXnjAgI -> No action taken. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\programdata\scrrtwxnjagi.exe (Trojan.Downloader) -> No action taken. c:\Users\Vaio\AppData\Local\Temp\jar_cache262274732562599392.tmp (Trojan.Downloader) -> No action taken. c:\Users\Vaio\Desktop\null0.017095613465911375.exe (Trojan.Downloader) -> No action taken. OTL LOG 1:OTL Logfile: Code:
ATTFilter OTL logfile created on: 25.03.2011 16:55:01 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vaio\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,16 Gb Total Space | 405,84 Gb Free Space | 89,17% Space Free | Partition Type: NTFS Computer Name: VAIO-VAIO | User Name: Vaio | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Vaio\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\sCRrtWXnjAgI.exe (FPAV) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) PRC - C:\Programme\Sony\VAIO Care\VCSpt.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Vaio\Downloads\OTL.exe (OldTimer Tools) MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.21 23:36:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.21 23:36:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.02.28 18:53:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 16:35:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.24 16:35:52 | 000,000,000 | ---D | M] [2010.01.10 19:14:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vaio\AppData\Roaming\mozilla\Extensions [2011.03.25 00:36:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions [2011.01.14 20:44:08 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.01.10 20:45:06 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.01.14 21:37:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.01.14 21:37:32 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.01.21 23:36:48 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.21 23:36:49 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.02.28 18:53:53 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR [2010.10.13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2011.03.24 16:35:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.03.24 16:35:49 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.03.24 16:35:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.03.24 16:35:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.03.24 16:35:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll () O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110114193924.dll (McAfee, Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110114193924.dll (McAfee, Inc.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [InternetCalls] C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls) O4 - HKCU..\Run: [sCRrtWXnjAgI] C:\ProgramData\sCRrtWXnjAgI.exe (FPAV) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.25 15:56:35 | 000,000,000 | ---D | C] -- C:\Users\Vaio\AppData\Roaming\Malwarebytes [2011.03.25 15:56:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.03.25 15:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.25 15:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.03.25 15:56:24 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.03.25 15:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.03.25 14:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011.03.25 01:05:26 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery [2011.03.25 00:32:26 | 000,546,304 | -H-- | C] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe [2011.03.25 00:32:23 | 000,546,304 | -H-- | C] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe [2011.03.15 21:49:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle [2011.03.15 17:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2011.03.15 17:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2011.03.15 17:52:11 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70v.dll [2011.03.15 17:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2011.03.15 17:51:40 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2011.03.15 17:50:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\HP [2011.03.15 17:50:28 | 000,880,640 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_d02c.dll [2011.03.15 17:50:28 | 000,748,544 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_d02c.dll [2011.03.15 17:50:28 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll [2011.03.15 17:50:28 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll [2011.03.15 17:50:28 | 000,515,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_d02a.dll [2011.03.09 14:05:46 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.03.09 14:05:46 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.03.09 14:05:46 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.03.09 14:05:46 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.03.09 14:05:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2011.03.09 14:05:45 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2011.03.09 14:05:45 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.03.09 14:05:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.03.09 14:05:42 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2011.03.09 14:05:42 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2011.03.09 14:05:41 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2011.03.09 14:05:41 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2011.03.07 00:24:55 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\InternetCalls [2011.03.07 00:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetCalls [2011.03.07 00:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InternetCalls.com [2011.03.05 21:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Apple Computer [2011.03.05 21:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Local\Apple Computer [2011.03.05 21:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.03.05 21:55:09 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2011.03.05 21:55:09 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2011.03.05 21:55:09 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011.03.05 21:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.03.05 21:53:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple Computer [2011.03.05 21:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.03.05 21:52:52 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Local\Apple [2011.03.05 21:52:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.03.05 21:52:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.03.05 21:52:23 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2011.03.05 21:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.03.05 21:52:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple [2011.03.05 21:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.03.01 21:06:13 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\Documents\ICQ [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.03.25 16:25:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.25 15:56:28 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.25 15:54:12 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 15:54:12 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 15:44:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.25 14:14:55 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.25 14:14:37 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2011.03.25 01:06:18 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~41803528r [2011.03.25 01:06:18 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~41803528 [2011.03.25 01:05:36 | 000,000,631 | -H-- | M] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk [2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe [2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe [2011.03.24 19:20:55 | 000,030,326 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA31_82900_76001_99_9999.jpg [2011.03.24 19:20:52 | 000,025,468 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_82900_37005_99_9999.jpg [2011.03.24 19:20:47 | 000,014,688 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_82900_09090_76_6570.jpg [2011.03.24 15:59:46 | 000,056,273 | -H-- | M] () -- C:\Users\Vaio\Desktop\catherine-zeta-jones-20060306-113776.jpg [2011.03.24 15:53:20 | 000,024,889 | -H-- | M] () -- C:\Users\Vaio\Desktop\58592_catfight_angelina_megan.jpg [2011.03.24 00:39:29 | 000,154,124 | -H-- | M] () -- C:\Users\Vaio\Desktop\4cb412f46e719.jpg [2011.03.23 19:31:44 | 000,082,217 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_5887.JPG [2011.03.22 22:06:21 | 000,072,330 | -H-- | M] () -- C:\Users\Vaio\Desktop\kingsize7.jpg [2011.03.22 21:45:38 | 000,072,960 | -H-- | M] () -- C:\Users\Vaio\Desktop\149275_100928016647498_100001908993654_4881_8113473_n.jpg [2011.03.21 20:58:49 | 000,085,252 | -H-- | M] () -- C:\Users\Vaio\Desktop\197460_203555469672615_100000544905088_676048_6808101_n.jpg [2011.03.20 03:12:48 | 000,029,477 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_79821_09090_52_6435.jpg [2011.03.20 03:10:12 | 000,018,218 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_78440_34015_71_6255.jpg [2011.03.20 03:08:55 | 000,026,059 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_79828_09090_72_6410.jpg [2011.03.19 01:56:52 | 000,031,090 | -H-- | M] () -- C:\Users\Vaio\Desktop\106441_FP_AlyssaMilano_1.jpg [2011.03.15 22:23:17 | 000,000,916 | -H-- | M] () -- C:\Users\Public\Documents\sprüche.rtf [2011.03.15 17:55:15 | 000,146,721 | ---- | M] () -- C:\Windows\hpoins44.dat [2011.03.15 17:11:40 | 000,005,463 | -H-- | M] () -- C:\Users\Vaio\Desktop\dfdfdf.rtf [2011.03.14 16:01:33 | 000,000,230 | -H-- | M] () -- C:\Users\Public\Documents\frauena..rtf [2011.03.12 03:30:11 | 000,003,584 | -H-- | M] () -- C:\Users\Vaio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.07 00:24:53 | 000,001,155 | -H-- | M] () -- C:\Users\Vaio\Desktop\InternetCalls.lnk [2011.03.05 22:58:17 | 000,685,145 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0117.JPG [2011.03.05 22:56:05 | 000,654,371 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0085.JPG [2011.03.05 22:55:13 | 000,740,763 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0055.JPG [2011.03.05 22:08:51 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.03.05 22:08:51 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.03.05 22:08:51 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.03.05 22:08:51 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.03.05 22:08:51 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.03.05 21:55:30 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.05 21:53:19 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.03.25 15:56:28 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.25 01:06:18 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~41803528r [2011.03.25 01:06:16 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~41803528 [2011.03.25 01:05:36 | 000,000,631 | -H-- | C] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk [2011.03.24 19:20:55 | 000,030,326 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA31_82900_76001_99_9999.jpg [2011.03.24 19:20:52 | 000,025,468 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_82900_37005_99_9999.jpg [2011.03.24 19:20:47 | 000,014,688 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_82900_09090_76_6570.jpg [2011.03.24 15:59:46 | 000,056,273 | -H-- | C] () -- C:\Users\Vaio\Desktop\catherine-zeta-jones-20060306-113776.jpg [2011.03.24 15:53:20 | 000,024,889 | -H-- | C] () -- C:\Users\Vaio\Desktop\58592_catfight_angelina_megan.jpg [2011.03.24 00:39:29 | 000,154,124 | -H-- | C] () -- C:\Users\Vaio\Desktop\4cb412f46e719.jpg [2011.03.23 19:31:44 | 000,082,217 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_5887.JPG [2011.03.22 22:06:21 | 000,072,330 | -H-- | C] () -- C:\Users\Vaio\Desktop\kingsize7.jpg [2011.03.22 21:45:38 | 000,072,960 | -H-- | C] () -- C:\Users\Vaio\Desktop\149275_100928016647498_100001908993654_4881_8113473_n.jpg [2011.03.21 20:58:49 | 000,085,252 | -H-- | C] () -- C:\Users\Vaio\Desktop\197460_203555469672615_100000544905088_676048_6808101_n.jpg [2011.03.20 03:12:48 | 000,029,477 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_79821_09090_52_6435.jpg [2011.03.20 03:10:12 | 000,018,218 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_78440_34015_71_6255.jpg [2011.03.20 03:08:55 | 000,026,059 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_79828_09090_72_6410.jpg [2011.03.19 01:56:52 | 000,031,090 | -H-- | C] () -- C:\Users\Vaio\Desktop\106441_FP_AlyssaMilano_1.jpg [2011.03.15 22:23:17 | 000,000,916 | -H-- | C] () -- C:\Users\Public\Documents\sprüche.rtf [2011.03.15 17:50:34 | 000,146,721 | ---- | C] () -- C:\Windows\hpoins44.dat [2011.03.15 17:50:34 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat [2011.03.15 17:11:40 | 000,005,463 | -H-- | C] () -- C:\Users\Vaio\Desktop\dfdfdf.rtf [2011.03.14 16:01:33 | 000,000,230 | -H-- | C] () -- C:\Users\Public\Documents\frauena..rtf [2011.03.12 03:30:11 | 000,003,584 | -H-- | C] () -- C:\Users\Vaio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.07 00:24:53 | 000,001,155 | -H-- | C] () -- C:\Users\Vaio\Desktop\InternetCalls.lnk [2011.03.05 22:51:21 | 000,685,145 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0117.JPG [2011.03.05 22:51:14 | 000,654,371 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0085.JPG [2011.03.05 22:50:59 | 000,740,763 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0055.JPG [2011.03.05 21:55:30 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.05 21:53:19 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.03.05 21:52:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.01.14 21:38:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.10.08 07:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.01.29 23:21:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.01.29 21:36:40 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.01.29 21:36:40 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.01.29 21:36:40 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.01.29 21:36:40 | 000,050,036 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.01.29 21:36:39 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.01.29 21:36:34 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2010.01.29 21:36:34 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [2010.01.04 13:38:40 | 000,002,119 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > LOG 2:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.03.2011 16:55:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vaio\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,16 Gb Total Space | 405,84 Gb Free Space | 89,17% Space Free | Partition Type: NTFS
Computer Name: VAIO-VAIO | User Name: Vaio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
"{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
"{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
"{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
"{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
"{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Freemake Video Downloader_is1" = Freemake Video Downloader Version 2.0.2
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InternetCalls_is1" = InternetCalls
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = VAIO Marketing Tools
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSC" = McAfee Internet Security
"Picasa 3" = Picasa 3
"splashtop" = VAIO Quick Web Access
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Veetle TV" = Veetle TV 0.9.18
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.03.2011 12:31:18 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3027
Error - 21.03.2011 12:31:18 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3027
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 483479
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 483479
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1030
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1030
Error - 21.03.2011 12:55:09 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.03.2011 12:55:09 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2044
[ System Events ]
Error - 12.03.2011 20:57:06 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet:
%%1115
Error - 13.03.2011 03:09:52 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 13.03.2011 12:05:45 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 14.03.2011 08:23:57 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 14.03.2011 08:26:31 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 15.03.2011 07:55:32 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 16.03.2011 14:52:02 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 17.03.2011 14:12:16 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 18.03.2011 09:01:06 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 19.03.2011 09:00:27 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
< End of report >
Wie sehen jetzt die weiteren schritte aus? Tausend dank schon im vorraus  Hallo leute ich will jetzt nicht frech klingen und behaupten ,dass man mir helfen MUSS,aber ich wär euch sehr dankbar ,wenn das Jemand machen würde ...hab auch andere themen gefunden sind die so ähnlich sind wie mein Problem ,aber man darf die ja nicht nachmachen weil die ja auf diese gewißen probleme von den Personen zugeschnitten sind .Ich brauch einfach HILFE . |
|
26.03.2011, 20:54
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
__________________ |
|
27.03.2011, 01:46
| #3 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Nein leider nicht .Habe erst Malwarebytes installiert nachdem ich den Trojaner bekommen habe .
__________________ |
|
27.03.2011, 19:51
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
[2011.03.25 01:06:18 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:16 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | C] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.25 01:06:18 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:18 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | M] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.03.25 01:05:26 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.25 00:32:26 | 000,546,304 | -H-- | C] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:23 | 000,546,304 | -H-- | C] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
O4 - HKCU..\Run: [sCRrtWXnjAgI] C:\ProgramData\sCRrtWXnjAgI.exe (FPAV)
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.03.2011, 22:12
| #5 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Hallo Arne Als ich grade den Schritt den den du mir beschrieben hast durchführen wollte habe ich bei Antivir gesehen ,dass das Trojanische Pferd TR./Kazy .16727.1 in der Quarantäne hat .Das war gestern noch nicht da.Desweitern ist mit aufgefallen das die Fehlermeldungen stark abgenommen haben. Soll ich jetzt deinen Schritt trotzdem durchführen? lg |
|
28.03.2011, 08:50
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Ja bitte den Fix ausführen.
__________________ --> TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` |
|
28.03.2011, 16:20
| #7 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` So hab den fix durchgeführt .Hier der Log : *All processes killed ========== OTL ========== C:\ProgramData\~41803528r moved successfully. C:\ProgramData\~41803528 moved successfully. C:\Users\Vaio\Desktop\Windows Recovery.lnk moved successfully. File C:\ProgramData\~41803528r not found. File C:\ProgramData\~41803528 not found. File C:\Users\Vaio\Desktop\Windows Recovery.lnk not found. File C:\ProgramData\sCRrtWXnjAgI.exe not found. File C:\Users\Vaio\Desktop\null0.017095613465911375.exe not found. C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\x64 folder moved successfully. C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64 folder moved successfully. C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} folder moved successfully. C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery folder moved successfully. File C:\ProgramData\sCRrtWXnjAgI.exe not found. File C:\Users\Vaio\Desktop\null0.017095613465911375.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sCRrtWXnjAgI not found. File C:\ProgramData\sCRrtWXnjAgI.exe not found. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully * [EMPTYTEMP] * User: All Users * User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes * User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes * User: Public * User: Vaio ->Temp folder emptied: 896358554 bytes ->Temporary Internet Files folder emptied: 104665922 bytes ->Java cache emptied: 635446 bytes ->FireFox cache emptied: 58924749 bytes ->Flash cache emptied: 74633 bytes * %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 15026349 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85501 bytes RecycleBin emptied: 372332951 bytes * Total Files Cleaned = 1.381,00 mb * * OTL by OldTimer - Version 3.2.22.3 log created on 03272011_231846 Files\Folders moved on Reboot... C:\Users\Vaio\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... |
|
28.03.2011, 19:14
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.03.2011, 15:20
| #9 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Hallo Arne , Habe dem Combofix durchgeführt hier der text davon. Combofix Logfile: Code:
ATTFilter ComboFix 11-03-28.05 - Vaio 29.03.2011 14:45:22.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3950.2693 [GMT 2:00]
ausgeführt von:: c:\users\Vaio\Desktop\cofi.exe..exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vaio\AppData\Roaming\Local
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\7.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\8.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\housewivesS07E04de.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\intro.Love.And.Other.Drugs.englisch.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\intro_love.and.other.drugs.ts.md.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e02.avi(2).ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e02.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e03.avi(2).ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e03.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\housewivesS07E04de.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\intro.Love.And.Other.Drugs.englisch.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\intro_love.and.other.drugs.ts.md.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e01.avi(2).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e01.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi(2).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi(3).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e03(2).avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e03.avi
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-02-28 bis 2011-03-29 ))))))))))))))))))))))))))))))
.
.
2011-03-29 12:30 . 2011-03-29 12:30 -------- d-----w- c:\program files\CCleaner
2011-03-27 21:18 . 2011-03-27 21:18 -------- d-----w- C:\_OTL
2011-03-27 21:17 . 2011-03-23 08:11 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D6E821F-DE3D-4877-BD72-AED5EE489320}\mpengine.dll
2011-03-27 21:17 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-03-25 14:56 . 2011-03-25 14:56 -------- d-----w- c:\users\Vaio\AppData\Roaming\Malwarebytes
2011-03-25 14:56 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-25 14:56 . 2011-03-25 14:56 -------- d-----w- c:\programdata\Malwarebytes
2011-03-25 14:56 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-25 14:56 . 2011-03-25 14:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-15 20:49 . 2011-03-15 20:49 -------- d-----w- c:\program files (x86)\Veetle
2011-03-15 16:54 . 2009-04-16 13:08 248320 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfpp70v.dll
2011-03-15 16:52 . 2011-03-15 16:52 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-03-15 16:52 . 2011-03-15 16:52 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2011-03-15 16:52 . 2009-04-16 13:08 136704 ----a-w- c:\windows\system32\hpf3l70v.dll
2011-03-15 16:51 . 2011-03-15 16:52 -------- d-----w- c:\program files (x86)\HP
2011-03-15 16:50 . 2011-03-15 16:50 -------- d--h--w- c:\programdata\HP
2011-03-15 16:50 . 2009-04-16 11:53 642360 ----a-w- c:\windows\system32\hpzids40.dll
2011-03-15 16:50 . 2009-02-11 11:03 880640 ----a-w- c:\windows\system32\hposwia_d02c.dll
2011-03-15 16:50 . 2009-02-11 11:03 748544 ----a-w- c:\windows\system32\hpost_d02c.dll
2011-03-15 16:50 . 2009-02-11 11:03 515072 ----a-w- c:\windows\system32\hposc_d02a.dll
2011-03-15 16:50 . 2008-10-29 00:27 551424 ----a-w- c:\windows\system32\hppldcoi.dll
2011-03-09 13:05 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 13:05 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 13:05 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-09 13:05 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 13:05 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 13:05 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 13:05 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 13:05 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-09 13:05 . 2010-12-18 06:12 3138048 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 13:05 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 13:05 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 13:05 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-06 23:24 . 2011-03-06 23:36 -------- d--h--w- c:\users\Vaio\AppData\Roaming\InternetCalls
2011-03-06 23:24 . 2011-03-06 23:24 -------- d-----w- c:\program files (x86)\InternetCalls.com
2011-03-05 20:55 . 2011-03-05 21:49 -------- d--h--w- c:\users\Vaio\AppData\Roaming\Apple Computer
2011-03-05 20:55 . 2011-03-05 20:55 -------- d--h--w- c:\users\Vaio\AppData\Local\Apple Computer
2011-03-05 20:55 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-05 20:55 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-03-05 20:55 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-03-05 20:54 . 2011-03-05 20:55 -------- d-----w- c:\program files\iTunes
2011-03-05 20:54 . 2011-03-05 20:55 -------- d-----w- c:\program files (x86)\iTunes
2011-03-05 20:54 . 2011-03-05 20:54 -------- d-----w- c:\program files\iPod
2011-03-05 20:52 . 2011-03-05 20:52 -------- d--h--w- c:\users\Vaio\AppData\Local\Apple
2011-03-05 20:52 . 2011-03-05 20:52 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-05 20:52 . 2011-03-05 20:52 -------- d-----w- c:\program files\Common Files\Apple
2011-03-05 20:52 . 2011-03-05 20:52 -------- d-----w- c:\program files\Bonjour
2011-03-05 20:52 . 2011-03-05 20:52 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-05 20:52 . 2011-03-05 20:55 -------- d--h--w- c:\programdata\Apple
2011-03-05 20:52 . 2011-03-05 20:54 -------- d-----w- c:\program files (x86)\Common Files\Apple
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-01-07 08:06 . 2011-02-10 00:20 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-10 00:20 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-10 00:20 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-10 00:20 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-10 00:21 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-10 00:21 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-10 00:21 3127808 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"InternetCalls"="c:\program files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" [2010-12-20 12947768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-04 26624]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-01-04 149280]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 101048]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 12:38]
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 12:38]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-04 171520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\um5t1ii3.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - %ProgramFiles%\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1566025896-931508188-2837753467-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1566025896-931508188-2837753467-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-29 14:54:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-03-29 12:54
.
Vor Suchlauf: 7 Verzeichnis(se), 438.133.587.968 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 437.620.056.064 Bytes frei
.
- - End Of File - - 3A49AB9529E60ACDAED639B7C155CF1A
|
|
29.03.2011, 17:00
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.03.2011, 22:05
| #11 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` So hier der log 2011/03/29 22:59:46.0973 2072 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/03/29 22:59:47.0272 2072 ================================================================================ 2011/03/29 22:59:47.0272 2072 SystemInfo: 2011/03/29 22:59:47.0272 2072 2011/03/29 22:59:47.0273 2072 OS Version: 6.1.7600 ServicePack: 0.0 2011/03/29 22:59:47.0273 2072 Product type: Workstation 2011/03/29 22:59:47.0273 2072 ComputerName: VAIO-VAIO 2011/03/29 22:59:47.0273 2072 UserName: Vaio 2011/03/29 22:59:47.0273 2072 Windows directory: C:\Windows 2011/03/29 22:59:47.0273 2072 System windows directory: C:\Windows 2011/03/29 22:59:47.0273 2072 Running under WOW64 2011/03/29 22:59:47.0273 2072 Processor architecture: Intel x64 2011/03/29 22:59:47.0273 2072 Number of processors: 4 2011/03/29 22:59:47.0273 2072 Page size: 0x1000 2011/03/29 22:59:47.0273 2072 Boot type: Normal boot 2011/03/29 22:59:47.0273 2072 ================================================================================ 2011/03/29 22:59:47.0515 2072 Initialize success 2011/03/29 22:59:52.0196 4204 ================================================================================ 2011/03/29 22:59:52.0196 4204 Scan started 2011/03/29 22:59:52.0196 4204 Mode: Manual; 2011/03/29 22:59:52.0196 4204 ================================================================================ 2011/03/29 22:59:52.0648 4204 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys 2011/03/29 22:59:52.0772 4204 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys 2011/03/29 22:59:52.0887 4204 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys 2011/03/29 22:59:53.0036 4204 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 2011/03/29 22:59:53.0155 4204 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 2011/03/29 22:59:53.0259 4204 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 2011/03/29 22:59:53.0414 4204 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2011/03/29 22:59:53.0539 4204 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/03/29 22:59:53.0683 4204 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/03/29 22:59:53.0828 4204 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/03/29 22:59:53.0941 4204 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 2011/03/29 22:59:54.0251 4204 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/03/29 22:59:54.0391 4204 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/03/29 22:59:54.0498 4204 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 2011/03/29 22:59:54.0601 4204 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys 2011/03/29 22:59:54.0718 4204 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 2011/03/29 22:59:54.0826 4204 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys 2011/03/29 22:59:54.0971 4204 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/03/29 22:59:55.0086 4204 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/03/29 22:59:55.0255 4204 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 2011/03/29 22:59:55.0357 4204 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 2011/03/29 22:59:55.0463 4204 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 2011/03/29 22:59:55.0568 4204 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/03/29 22:59:55.0682 4204 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/03/29 22:59:55.0898 4204 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 2011/03/29 22:59:56.0188 4204 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/03/29 22:59:56.0326 4204 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/03/29 22:59:56.0437 4204 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys 2011/03/29 22:59:56.0565 4204 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 2011/03/29 22:59:56.0680 4204 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/03/29 22:59:56.0806 4204 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/03/29 22:59:56.0934 4204 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 2011/03/29 22:59:57.0068 4204 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2011/03/29 22:59:57.0181 4204 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 2011/03/29 22:59:57.0281 4204 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 2011/03/29 22:59:57.0394 4204 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/03/29 22:59:57.0504 4204 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/03/29 22:59:57.0615 4204 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/03/29 22:59:57.0727 4204 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/03/29 22:59:57.0839 4204 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/03/29 22:59:57.0941 4204 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 2011/03/29 22:59:58.0055 4204 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/03/29 22:59:58.0175 4204 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys 2011/03/29 22:59:58.0316 4204 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys 2011/03/29 22:59:58.0442 4204 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 2011/03/29 22:59:58.0554 4204 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 2011/03/29 22:59:58.0680 4204 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys 2011/03/29 22:59:58.0799 4204 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/03/29 22:59:58.0913 4204 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys 2011/03/29 22:59:59.0057 4204 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/03/29 22:59:59.0171 4204 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/03/29 22:59:59.0290 4204 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 2011/03/29 22:59:59.0393 4204 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/03/29 22:59:59.0546 4204 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 2011/03/29 22:59:59.0648 4204 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/03/29 22:59:59.0763 4204 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/03/29 22:59:59.0902 4204 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 2011/03/29 23:00:00.0014 4204 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys 2011/03/29 23:00:00.0120 4204 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 2011/03/29 23:00:00.0257 4204 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2011/03/29 23:00:00.0370 4204 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/03/29 23:00:00.0486 4204 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 2011/03/29 23:00:00.0618 4204 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 2011/03/29 23:00:00.0737 4204 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/03/29 23:00:00.0855 4204 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/03/29 23:00:00.0983 4204 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/03/29 23:00:01.0116 4204 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2011/03/29 23:00:01.0313 4204 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 2011/03/29 23:00:01.0484 4204 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 2011/03/29 23:00:01.0590 4204 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/03/29 23:00:01.0731 4204 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/03/29 23:00:01.0835 4204 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/03/29 23:00:01.0959 4204 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 2011/03/29 23:00:02.0095 4204 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/03/29 23:00:02.0188 4204 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/03/29 23:00:02.0306 4204 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 2011/03/29 23:00:02.0420 4204 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/03/29 23:00:02.0529 4204 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/03/29 23:00:02.0625 4204 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/03/29 23:00:02.0736 4204 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys 2011/03/29 23:00:02.0839 4204 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 2011/03/29 23:00:02.0969 4204 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/03/29 23:00:03.0103 4204 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/03/29 23:00:03.0218 4204 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2011/03/29 23:00:03.0327 4204 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys 2011/03/29 23:00:03.0451 4204 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 2011/03/29 23:00:03.0549 4204 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 2011/03/29 23:00:03.0654 4204 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 2011/03/29 23:00:03.0767 4204 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 2011/03/29 23:00:03.0902 4204 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\drivers\hidusb.sys 2011/03/29 23:00:04.0026 4204 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys 2011/03/29 23:00:04.0147 4204 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/03/29 23:00:04.0247 4204 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/03/29 23:00:04.0374 4204 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/03/29 23:00:04.0496 4204 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys 2011/03/29 23:00:04.0622 4204 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys 2011/03/29 23:00:04.0907 4204 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/03/29 23:00:05.0043 4204 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 2011/03/29 23:00:05.0181 4204 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys 2011/03/29 23:00:05.0360 4204 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys 2011/03/29 23:00:05.0507 4204 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys 2011/03/29 23:00:05.0621 4204 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/03/29 23:00:05.0738 4204 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/03/29 23:00:05.0858 4204 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/03/29 23:00:05.0970 4204 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys 2011/03/29 23:00:06.0073 4204 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/03/29 23:00:06.0189 4204 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/03/29 23:00:06.0297 4204 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/03/29 23:00:06.0393 4204 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys 2011/03/29 23:00:06.0509 4204 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/03/29 23:00:06.0621 4204 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys 2011/03/29 23:00:06.0735 4204 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/03/29 23:00:06.0857 4204 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2011/03/29 23:00:06.0981 4204 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/03/29 23:00:07.0126 4204 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/03/29 23:00:07.0282 4204 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 2011/03/29 23:00:07.0396 4204 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 2011/03/29 23:00:07.0510 4204 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 2011/03/29 23:00:07.0613 4204 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 2011/03/29 23:00:07.0728 4204 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/03/29 23:00:07.0849 4204 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 2011/03/29 23:00:07.0961 4204 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 2011/03/29 23:00:08.0081 4204 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/03/29 23:00:08.0182 4204 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/03/29 23:00:08.0278 4204 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/03/29 23:00:08.0383 4204 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys 2011/03/29 23:00:08.0499 4204 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/03/29 23:00:08.0590 4204 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys 2011/03/29 23:00:08.0692 4204 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/03/29 23:00:08.0806 4204 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/03/29 23:00:08.0915 4204 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/03/29 23:00:09.0032 4204 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/03/29 23:00:09.0148 4204 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/03/29 23:00:09.0247 4204 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys 2011/03/29 23:00:09.0341 4204 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys 2011/03/29 23:00:09.0450 4204 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/03/29 23:00:09.0563 4204 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/03/29 23:00:09.0655 4204 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/03/29 23:00:09.0780 4204 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/03/29 23:00:09.0890 4204 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/03/29 23:00:10.0000 4204 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/03/29 23:00:10.0112 4204 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/03/29 23:00:10.0230 4204 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/03/29 23:00:10.0337 4204 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/03/29 23:00:10.0437 4204 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 2011/03/29 23:00:10.0540 4204 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/03/29 23:00:10.0662 4204 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/03/29 23:00:10.0793 4204 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/03/29 23:00:10.0919 4204 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/03/29 23:00:11.0025 4204 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/03/29 23:00:11.0139 4204 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/03/29 23:00:11.0241 4204 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/03/29 23:00:11.0346 4204 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/03/29 23:00:11.0481 4204 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/03/29 23:00:11.0591 4204 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/03/29 23:00:11.0723 4204 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 2011/03/29 23:00:11.0833 4204 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/03/29 23:00:11.0942 4204 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/03/29 23:00:12.0100 4204 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2011/03/29 23:00:12.0218 4204 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/03/29 23:00:12.0339 4204 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys 2011/03/29 23:00:12.0453 4204 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys 2011/03/29 23:00:12.0578 4204 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/03/29 23:00:12.0684 4204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/03/29 23:00:12.0812 4204 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 2011/03/29 23:00:12.0913 4204 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/03/29 23:00:13.0026 4204 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys 2011/03/29 23:00:13.0141 4204 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/03/29 23:00:13.0238 4204 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 2011/03/29 23:00:13.0334 4204 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/03/29 23:00:13.0453 4204 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/03/29 23:00:13.0688 4204 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/03/29 23:00:13.0799 4204 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 2011/03/29 23:00:13.0945 4204 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/03/29 23:00:14.0050 4204 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/03/29 23:00:14.0194 4204 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 2011/03/29 23:00:14.0319 4204 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 2011/03/29 23:00:14.0426 4204 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/03/29 23:00:14.0530 4204 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/03/29 23:00:14.0640 4204 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/03/29 23:00:14.0749 4204 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/03/29 23:00:14.0870 4204 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/03/29 23:00:14.0971 4204 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/03/29 23:00:15.0077 4204 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/03/29 23:00:15.0181 4204 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 2011/03/29 23:00:15.0290 4204 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/03/29 23:00:15.0401 4204 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/03/29 23:00:15.0513 4204 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/03/29 23:00:15.0621 4204 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/03/29 23:00:15.0733 4204 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/03/29 23:00:15.0848 4204 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/03/29 23:00:15.0964 4204 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys 2011/03/29 23:00:16.0072 4204 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys 2011/03/29 23:00:16.0214 4204 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/03/29 23:00:16.0334 4204 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys 2011/03/29 23:00:16.0467 4204 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys 2011/03/29 23:00:16.0577 4204 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/03/29 23:00:16.0693 4204 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/03/29 23:00:16.0827 4204 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/03/29 23:00:16.0963 4204 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 2011/03/29 23:00:17.0068 4204 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 2011/03/29 23:00:17.0168 4204 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 2011/03/29 23:00:17.0310 4204 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys 2011/03/29 23:00:17.0413 4204 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/03/29 23:00:17.0513 4204 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/03/29 23:00:17.0614 4204 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys 2011/03/29 23:00:17.0725 4204 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 2011/03/29 23:00:17.0837 4204 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 2011/03/29 23:00:17.0950 4204 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 2011/03/29 23:00:18.0064 4204 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/03/29 23:00:18.0218 4204 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/03/29 23:00:18.0363 4204 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys 2011/03/29 23:00:18.0497 4204 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys 2011/03/29 23:00:18.0615 4204 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys 2011/03/29 23:00:18.0744 4204 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 2011/03/29 23:00:18.0860 4204 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/03/29 23:00:19.0043 4204 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 2011/03/29 23:00:19.0206 4204 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 2011/03/29 23:00:19.0330 4204 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/03/29 23:00:19.0442 4204 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/03/29 23:00:19.0543 4204 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/03/29 23:00:19.0665 4204 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/03/29 23:00:19.0784 4204 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys 2011/03/29 23:00:19.0943 4204 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/03/29 23:00:20.0051 4204 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/03/29 23:00:20.0153 4204 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 2011/03/29 23:00:20.0265 4204 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/03/29 23:00:20.0408 4204 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/03/29 23:00:20.0503 4204 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/03/29 23:00:20.0609 4204 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 2011/03/29 23:00:20.0749 4204 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys 2011/03/29 23:00:20.0867 4204 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/03/29 23:00:20.0970 4204 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/03/29 23:00:21.0091 4204 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys 2011/03/29 23:00:21.0212 4204 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys 2011/03/29 23:00:21.0314 4204 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 2011/03/29 23:00:21.0422 4204 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/03/29 23:00:21.0533 4204 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/03/29 23:00:21.0638 4204 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/03/29 23:00:21.0749 4204 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 2011/03/29 23:00:21.0870 4204 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys 2011/03/29 23:00:22.0052 4204 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/03/29 23:00:22.0170 4204 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/03/29 23:00:22.0276 4204 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/03/29 23:00:22.0387 4204 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys 2011/03/29 23:00:22.0508 4204 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/03/29 23:00:22.0611 4204 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys 2011/03/29 23:00:22.0727 4204 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/03/29 23:00:22.0836 4204 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys 2011/03/29 23:00:22.0946 4204 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 2011/03/29 23:00:23.0091 4204 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/03/29 23:00:23.0195 4204 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/03/29 23:00:23.0325 4204 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 2011/03/29 23:00:23.0431 4204 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/03/29 23:00:23.0451 4204 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/03/29 23:00:23.0574 4204 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 2011/03/29 23:00:23.0689 4204 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/03/29 23:00:23.0837 4204 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/03/29 23:00:23.0938 4204 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/03/29 23:00:24.0122 4204 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/03/29 23:00:24.0229 4204 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/03/29 23:00:24.0375 4204 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/03/29 23:00:24.0513 4204 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/03/29 23:00:24.0622 4204 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/03/29 23:00:24.0772 4204 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 2011/03/29 23:00:24.0840 4204 ================================================================================ 2011/03/29 23:00:24.0840 4204 Scan finished 2011/03/29 23:00:24.0840 4204 ================================================================================ gruß |
|
30.03.2011, 11:40
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Bitte nun Logs mit GMER und mbrcheck erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg Anleitung zu mbrcheck: Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.03.2011, 14:40
| #13 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` So hab die Schritte durchgeführt : Log vom MBR: MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Home Premium Edition Windows Information: (build 7600), 64-bit Base Board Manufacturer: Sony Corporation BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Sony Corporation System Product Name: VPCEB1M1E Logical Drives Mask: 0x0000003c Kernel Drivers (total 187): 0x03419000 \SystemRoot\system32\ntoskrnl.exe 0x039F6000 \SystemRoot\system32\hal.dll 0x00BB5000 \SystemRoot\system32\kdcom.dll 0x00C77000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x00CBB000 \SystemRoot\system32\PSHED.dll 0x00CCF000 \SystemRoot\system32\CLFS.SYS 0x00D2D000 \SystemRoot\system32\CI.dll 0x00E7B000 \SystemRoot\system32\drivers\Wdf01000.sys 0x00F1F000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x00F2E000 \SystemRoot\system32\drivers\ACPI.sys 0x00F85000 \SystemRoot\system32\drivers\WMILIB.SYS 0x00F8E000 \SystemRoot\system32\drivers\msisadrv.sys 0x00F98000 \SystemRoot\system32\drivers\pci.sys 0x00FCB000 \SystemRoot\system32\drivers\vdrvroot.sys 0x00FD8000 \SystemRoot\System32\drivers\partmgr.sys 0x00FED000 \SystemRoot\system32\drivers\compbatt.sys 0x00E00000 \SystemRoot\system32\drivers\BATTC.SYS 0x00E0C000 \SystemRoot\system32\drivers\volmgr.sys 0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys 0x00E21000 \SystemRoot\System32\drivers\mountmgr.sys 0x010F8000 \SystemRoot\system32\drivers\iaStor.sys 0x01300000 \SystemRoot\system32\drivers\atapi.sys 0x01309000 \SystemRoot\system32\drivers\ataport.SYS 0x01333000 \SystemRoot\system32\drivers\amdxata.sys 0x0133E000 \SystemRoot\system32\drivers\fltmgr.sys 0x0138A000 \SystemRoot\system32\drivers\fileinfo.sys 0x0139E000 \SystemRoot\System32\Drivers\PxHlpa64.sys 0x0141F000 \SystemRoot\System32\Drivers\Ntfs.sys 0x01000000 \SystemRoot\System32\Drivers\msrpc.sys 0x015C2000 \SystemRoot\System32\Drivers\ksecdd.sys 0x0105E000 \SystemRoot\System32\Drivers\cng.sys 0x015DC000 \SystemRoot\System32\drivers\pcw.sys 0x015ED000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x01604000 \SystemRoot\system32\drivers\ndis.sys 0x016F6000 \SystemRoot\system32\drivers\NETIO.SYS 0x01756000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x01781000 \SystemRoot\system32\drivers\volsnap.sys 0x017CD000 \SystemRoot\System32\Drivers\spldr.sys 0x013AB000 \SystemRoot\System32\drivers\rdyboost.sys 0x017D5000 \SystemRoot\System32\Drivers\mup.sys 0x017E7000 \SystemRoot\System32\drivers\hwpolicy.sys 0x00E3B000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x01400000 \SystemRoot\system32\drivers\disk.sys 0x018F3000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x04031000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x0405B000 \SystemRoot\System32\Drivers\Null.SYS 0x04064000 \SystemRoot\System32\Drivers\Beep.SYS 0x0406B000 \SystemRoot\System32\drivers\vga.sys 0x04079000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x0409E000 \SystemRoot\System32\drivers\watchdog.sys 0x040AE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x040B7000 \SystemRoot\system32\drivers\rdpencdd.sys 0x040C0000 \SystemRoot\system32\drivers\rdprefmp.sys 0x040C9000 \SystemRoot\System32\Drivers\Msfs.SYS 0x040D4000 \SystemRoot\System32\Drivers\Npfs.SYS 0x02C01000 \SystemRoot\System32\drivers\tcpip.sys 0x040E5000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x0412F000 \SystemRoot\system32\DRIVERS\tdx.sys 0x0414D000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x0415A000 \SystemRoot\System32\DRIVERS\netbt.sys 0x01931000 \SystemRoot\system32\drivers\afd.sys 0x0419F000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x041A8000 \SystemRoot\system32\DRIVERS\pacer.sys 0x041CE000 \SystemRoot\system32\DRIVERS\vwififlt.sys 0x041E4000 \SystemRoot\system32\DRIVERS\netbios.sys 0x019BB000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x03E00000 \SystemRoot\system32\drivers\termdd.sys 0x01800000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x041F3000 \SystemRoot\system32\drivers\nsiproxy.sys 0x01851000 \SystemRoot\system32\drivers\mssmbios.sys 0x0185C000 \SystemRoot\System32\drivers\discache.sys 0x0186B000 \SystemRoot\System32\Drivers\dfsc.sys 0x01889000 \SystemRoot\system32\drivers\blbdrive.sys 0x0189A000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x018BC000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x0428C000 \SystemRoot\system32\DRIVERS\atikmpag.sys 0x080F2000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x042C2000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x0879E000 \SystemRoot\System32\drivers\dxgmms1.sys 0x08000000 \SystemRoot\system32\drivers\HDAudBus.sys 0x08024000 \SystemRoot\system32\DRIVERS\HECIx64.sys 0x08035000 \SystemRoot\system32\drivers\usbehci.sys 0x08046000 \SystemRoot\system32\drivers\USBPORT.SYS 0x0446E000 \SystemRoot\system32\DRIVERS\athrx.sys 0x045EB000 \SystemRoot\system32\DRIVERS\vwifibus.sys 0x04400000 \SystemRoot\system32\DRIVERS\sdbus.sys 0x04420000 \SystemRoot\system32\drivers\rimssne64.sys 0x04440000 \SystemRoot\system32\drivers\risdsne64.sys 0x04200000 \SystemRoot\system32\DRIVERS\yk62x64.sys 0x0809C000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x04458000 \SystemRoot\system32\drivers\kbdclass.sys 0x043B6000 \SystemRoot\system32\DRIVERS\Apfiltr.sys 0x080BA000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x04467000 \SystemRoot\system32\drivers\SFEP.sys 0x080C9000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x080D6000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x045F8000 \SystemRoot\system32\drivers\CmBatt.sys 0x087E4000 \SystemRoot\system32\drivers\CompositeBus.sys 0x04265000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x019D6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x087F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x04A9F000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x04ACE000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x04AE9000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x04B0A000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x04B24000 \SystemRoot\system32\drivers\swenum.sys 0x04B26000 \SystemRoot\system32\drivers\ks.sys 0x04B69000 \SystemRoot\system32\DRIVERS\umbus.sys 0x04B7B000 \SystemRoot\system32\drivers\usbhub.sys 0x04BD5000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x04A00000 \SystemRoot\system32\drivers\RtHDMIVX.sys 0x04A33000 \SystemRoot\system32\drivers\portcls.sys 0x04A70000 \SystemRoot\system32\drivers\drmk.sys 0x04A92000 \SystemRoot\system32\drivers\ksthunk.sys 0x056DA000 \SystemRoot\system32\drivers\RTKVHD64.sys 0x00020000 \SystemRoot\System32\win32k.sys 0x058F5000 \SystemRoot\System32\drivers\Dxapi.sys 0x05901000 \SystemRoot\System32\Drivers\crashdmp.sys 0x03E14000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x0590F000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x05922000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x0593F000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x05941000 \SystemRoot\System32\Drivers\usbvideo.sys 0x0596F000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys 0x05979000 \SystemRoot\system32\DRIVERS\monitor.sys 0x004E0000 \SystemRoot\System32\TSDDD.dll 0x00740000 \SystemRoot\System32\cdd.dll 0x05987000 \SystemRoot\system32\drivers\luafv.sys 0x059AA000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x059C7000 \SystemRoot\system32\drivers\WudfPf.sys 0x059E8000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x05600000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x05653000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x05666000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x064C1000 \SystemRoot\system32\drivers\HTTP.sys 0x06589000 \SystemRoot\system32\DRIVERS\bowser.sys 0x065A7000 \SystemRoot\System32\drivers\mpsdrv.sys 0x065BF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x06400000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x0644E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x07AEC000 \SystemRoot\system32\drivers\peauth.sys 0x07B92000 \SystemRoot\System32\Drivers\secdrv.SYS 0x07B9D000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x07BCA000 \SystemRoot\System32\drivers\tcpipreg.sys 0x07A00000 \SystemRoot\System32\DRIVERS\srv2.sys 0x08AE7000 \SystemRoot\System32\DRIVERS\srv.sys 0x08B7D000 \SystemRoot\system32\DRIVERS\WUDFRd.sys 0x76D00000 \Windows\System32\ntdll.dll 0x479E0000 \Windows\System32\smss.exe 0xFF020000 \Windows\System32\apisetschema.dll 0xFFA60000 \Windows\System32\autochk.exe 0x76BE0000 \Windows\System32\kernel32.dll 0xFEE30000 \Windows\System32\setupapi.dll 0x76AE0000 \Windows\System32\user32.dll 0x76ED0000 \Windows\System32\normaliz.dll 0xFEDE0000 \Windows\System32\Wldap32.dll 0x76EC0000 \Windows\System32\psapi.dll 0xFECB0000 \Windows\System32\wininet.dll 0xFEBD0000 \Windows\System32\oleaut32.dll 0xFEAF0000 \Windows\System32\advapi32.dll 0xFDD60000 \Windows\System32\shell32.dll 0xFDCC0000 \Windows\System32\msvcrt.dll 0xFDBB0000 \Windows\System32\msctf.dll 0xFDBA0000 \Windows\System32\nsi.dll 0xFDAD0000 \Windows\System32\usp10.dll 0xFD8C0000 \Windows\System32\ole32.dll 0xFD660000 \Windows\System32\iertutil.dll 0xFD640000 \Windows\System32\imagehlp.dll 0xFD610000 \Windows\System32\imm32.dll 0xFD590000 \Windows\System32\shlwapi.dll 0xFD4F0000 \Windows\System32\clbcatq.dll 0xFD4D0000 \Windows\System32\sechost.dll 0xFD3A0000 \Windows\System32\rpcrt4.dll 0xFD390000 \Windows\System32\lpk.dll 0xFD340000 \Windows\System32\ws2_32.dll 0xFD2A0000 \Windows\System32\comdlg32.dll 0xFD120000 \Windows\System32\urlmon.dll 0xFD0A0000 \Windows\System32\difxapi.dll 0xFD030000 \Windows\System32\gdi32.dll 0xFCEC0000 \Windows\System32\crypt32.dll 0xFCE80000 \Windows\System32\cfgmgr32.dll 0xFCDE0000 \Windows\System32\comctl32.dll 0xFCDC0000 \Windows\System32\devobj.dll 0xFCD50000 \Windows\System32\KernelBase.dll 0xFCD10000 \Windows\System32\wintrust.dll 0xFCD00000 \Windows\System32\msasn1.dll 0x76EB0000 \Windows\SysWOW64\normaliz.dll Processes (total 96): 0 System Idle Process 4 System 312 C:\Windows\System32\smss.exe 484 csrss.exe 552 C:\Windows\System32\wininit.exe 572 csrss.exe 608 C:\Windows\System32\services.exe 628 C:\Windows\System32\lsass.exe 636 C:\Windows\System32\lsm.exe 732 C:\Windows\System32\svchost.exe 848 C:\Windows\System32\svchost.exe 936 C:\Windows\System32\atiesrxx.exe 956 C:\Windows\System32\winlogon.exe 1012 C:\Windows\System32\svchost.exe 336 C:\Windows\System32\svchost.exe 496 C:\Windows\System32\svchost.exe 1080 C:\Windows\System32\svchost.exe 1156 C:\Windows\System32\svchost.exe 1236 C:\Windows\System32\atieclxx.exe 1404 C:\Windows\System32\spoolsv.exe 1432 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 1496 C:\Windows\System32\svchost.exe 1656 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 1696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1708 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 1720 C:\Windows\System32\conhost.exe 1848 C:\Windows\System32\taskhost.exe 1924 C:\Windows\System32\dwm.exe 1960 C:\Windows\System32\taskeng.exe 2000 C:\Windows\System32\taskeng.exe 1032 C:\Windows\explorer.exe 1596 C:\Program Files\Sony\VAIO Care\VCSpt.exe 2068 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe 2148 C:\Program Files (x86)\Bonjour\mDNSResponder.exe 2172 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 2308 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 2344 C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe 2368 C:\Windows\System32\svchost.exe 2460 C:\Windows\System32\rundll32.exe 2468 C:\Windows\SysWOW64\rundll32.exe 2508 C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe 2528 C:\Windows\System32\svchost.exe 2564 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe 2632 C:\Program Files\Apoint\Apoint.exe 2668 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 2724 C:\Windows\System32\svchost.exe 2760 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 2820 C:\Program Files\Java\jre6\bin\jusched.exe 2852 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe 2892 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 2916 C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 2224 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 2284 dllhost.exe 1824 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe 1068 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 2216 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 2624 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe 3104 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 3212 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 3220 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe 3396 WmiPrvSE.exe 3496 C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe 3584 C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe 3640 C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe 3724 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 3896 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 3932 C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe 4056 C:\Windows\System32\SearchIndexer.exe 4132 C:\Program Files\Sony\VAIO Power Management\SPMService.exe 4196 C:\Windows\System32\svchost.exe 4224 C:\Program Files (x86)\iTunes\iTunesHelper.exe 4404 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 4540 C:\Windows\System32\svchost.exe 4632 WUDFHost.exe 4760 C:\Program Files\Apoint\ApMsgFwd.exe 5096 C:\Program Files\Apoint\ApntEx.exe 5108 C:\Program Files\Apoint\Apvfb.exe 2340 C:\Windows\System32\conhost.exe 3464 C:\Program Files\iPod\bin\iPodService.exe 5684 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 5780 C:\Program Files\Sony\VAIO Care\VCPerfService.exe 5572 C:\Program Files\Sony\VAIO Care\listener.exe 3596 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 4248 C:\Windows\System32\svchost.exe 4016 C:\Windows\System32\svchost.exe 5536 C:\Program Files\Sony\VAIO Care\VCsystray.exe 4596 C:\Windows\System32\UI0Detect.exe 4504 C:\Windows\System32\wuauclt.exe 5648 C:\Windows\explorer.exe 2292 C:\Windows\System32\SearchProtocolHost.exe 2868 C:\Windows\System32\SearchFilterHost.exe 3148 C:\Windows\System32\audiodg.exe 4536 dllhost.exe 3320 dllhost.exe 3052 C:\Users\Vaio\Desktop\MBRCheck.exe 4608 C:\Windows\System32\conhost.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`a6c00000 (NTFS) PhysicalDrive0 Model Number: TOSHIBAMK5055GSX, Rev: FG001A Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 Done! Und das andere : GMER Logfile: Code:
ATTFilter GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-03-30 15:16:22
Windows 6.1.7600
Running: sli4ggz4.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27abb
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27abb (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Hab noch ne frage ,also in den Anleitungen stand ,dass ich die Programme auf den Desktop speichern sollte ,aber bei würden die direkt bei den downloads gespreichert hab die dann auf den Desktop verschoben .Ist jetzt egal oder macht das was aus? |
|
31.03.2011, 10:39
| #14 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.04.2011, 22:06
| #15 |
| | TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` so hier der Malwarebytes LOG Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 6248 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 02.04.2011 22:56:15 mbam-log-2011-04-02 (22-56-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 276755 Laufzeit: 37 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) und das andere : SUPERAntiSpyware Scan Log SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! Generated 03/31/2011 at 11:24 PM Application Version : 4.50.1002 Core Rules Database Version : 6724 Trace Rules Database Version: 4536 Scan type : Quick Scan Total Scan Time : 00:21:46 Memory items scanned : 816 Memory threats detected : 0 Registry items scanned : 2897 Registry threats detected : 0 File items scanned : 17077 File threats detected : 13 Adware.Tracking Cookie C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@serving-sys[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@atdmt.combing[2].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@atdmt[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@bs.serving-sys[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@tradedoubler[2].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@ad.yieldmanager[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@revsci[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@content.yieldmanager[2].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@doubleclick[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@adtech[1].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@adserver.zonemedia[2].txt C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@content.yieldmanager[3].txt secure-uk.imrworldwide.com [ C:\Users\Vaio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VR3GA546 ] |
|
| Themen zu TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` |
| 64-bit, antivir, avgntflt.sys, bingbar, c:\windows\system32\rundll32.exe, computer, control, data, data restore, detected, durchgeführt, error, folge, folgendes, funktioniert, funktioniert nicht, funktioniert nicht mehr, google chrome, hard disk, iastor.sys, ide, install, install.exe, jar_cache, java, java update, kommt immer wieder, leute, location, meldung, meldungen, microsoft office word, nicht mehr, office 2007, oldtimer, otl.exe, personen, picasa, plug-in, problem, programdata, saver, sched.exe, searchplugins, security update, shell32.dll, shortcut, start menu, syswow64, tr/crypt.xpack.ge, tr/crypt.xpack.gen, trojaner, update, webcheck, windows, windows live mesh, write |
Linear-Darstellung
