Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Firefox öffnet bei Suche mit Google Spamseiten (https://www.trojaner-board.de/93789-firefox-oeffnet-suche-google-spamseiten.html)

Etotherik 15.12.2010 11:15
Firefox öffnet bei Suche mit Google Spamseiten
 
Hallo,

ich habe seit neusten ein Problem mit einem Schädling. Immer wenn ich bei Google auf einen Link klicke wird nicht dieses Seite geöffnet sondern irgendeine Seite mit Werbung. Nachdem man dann ca. 3 mal auf den selben Link gedrückt hat wird die Richtige Seite geöffnet.

Habe mich dazu schon einmal über die Suche informiert, doch mir schienen die Angebotenen Lösungen sehr speziell zu geschnitten zu sein.


Ich benutze Win 7 Home Premium mit Comodo Internet Security Premium.

Hier mal ein paar Logs:

OTL:

Code:
OTL logfile created on: 15.12.2010 10:37:50 - Run 1
OTL by OldTimer - Version 3.2.17.3    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,72 Gb Total Space | 239,16 Gb Free Space | 52,60% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.15 10:36:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2010.12.13 20:44:01 | 000,121,576 | ---- | M] (dotSyntax, LLC) -- C:\Program Files (x86)\Digsby\lib\digsby-app.exe
PRC - [2010.10.22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.07.27 23:40:54 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.05.14 13:29:50 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.03.18 07:56:06 | 000,852,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.03.02 15:22:44 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.02.24 13:59:08 | 000,422,768 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2010.02.24 13:59:08 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2010.02.24 13:59:08 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2009.11.20 23:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.15 10:36:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
MOD - [2010.09.10 22:41:40 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2009.07.14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\srvany.exe -- (KMService)
SRV:64bit: - [2010.09.10 22:41:42 | 002,528,856 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2010.08.26 13:40:32 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.04.09 12:37:36 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010.03.25 23:47:34 | 000,168,448 | ---- | M] (Sony of America Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2010.03.08 10:04:04 | 000,822,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.02.08 09:46:46 | 000,302,448 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe -- (SpfService)
SRV:64bit: - [2010.01.20 14:10:10 | 000,574,320 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2010.11.23 15:39:08 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.10.22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2010.10.19 18:37:57 | 005,250,048 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010.09.09 21:40:19 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.08.26 13:45:00 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.08.26 13:40:24 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.27 23:40:54 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.05.14 13:29:50 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.04.08 13:27:18 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.18 07:56:06 | 000,852,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.03.12 16:15:40 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.02.24 13:59:08 | 000,422,768 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.02.24 13:59:08 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.02.24 13:59:08 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.11.25 03:49:14 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.11.25 03:49:04 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.11.20 23:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2003.04.18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.10.20 11:51:49 | 000,353,360 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djavs.sys -- (a2djavs)
DRV:64bit: - [2010.10.20 11:51:49 | 000,092,240 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djusb.sys -- (a2djusb_svc)
DRV:64bit: - [2010.09.10 22:40:42 | 000,020,864 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2010.07.27 22:10:03 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.03.20 11:06:18 | 002,203,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.03.19 11:03:49 | 000,093,184 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.03.19 11:03:46 | 000,077,312 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.03.18 21:47:39 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.03.18 21:47:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.03.18 21:47:38 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.03.18 21:47:37 | 000,334,888 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.18 21:47:03 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.03.18 10:16:10 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.03.17 21:02:57 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.03.03 23:56:59 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.11 20:19:26 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.11.20 23:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.20 16:02:25 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.21 16:03:56 | 000,044,560 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djavs_x64.sys -- (a2djavs_x64)
DRV:64bit: - [2009.04.21 16:03:53 | 000,249,872 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djusb_x64.sys -- (a2djusb_x64)
DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2010.02.24 13:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.10 21:35:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.10 21:35:38 | 000,000,000 | ---D | M]
 
[2010.12.03 16:56:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.12.15 09:58:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0198mpz3.default\extensions
[2010.12.06 11:21:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0198mpz3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.10 21:35:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0198mpz3.default\extensions\vshare@toolbar
[2010.12.03 16:56:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t4a4i8fy.default\extensions
[2010.11.22 18:44:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.18 10:01:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.15 10:38:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Viren Entfernung
[2010.12.15 10:36:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.12.14 19:19:59 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\immer dieses techno geschranze
[2010.12.13 21:18:53 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\podcasts & sets
[2010.12.13 15:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010.12.13 15:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.12.07 19:50:51 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.12.07 18:00:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.12.07 18:00:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.07 18:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.07 18:00:26 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.07 18:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.12.06 21:41:04 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\set und so
[2010.12.06 12:21:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{09E0C01F-3E52-43FD-9043-3A75BA69A3D0}
[2010.12.04 14:20:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Sunbelt Software
[2010.12.04 14:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
[2010.12.04 14:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.12.04 14:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010.12.02 10:12:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\fw mapping
[2010.12.01 19:08:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{013BB0BF-30DA-4354-AD33-636A6EB72DA6}
[2010.12.01 19:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2010.12.01 19:08:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BB25779E-744C-48F3-94DE-CD6F60A5AC55}
[2010.12.01 19:07:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
[2010.12.01 16:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2010.12.01 13:39:47 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Average Quality
[2010.12.01 00:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.12.01 00:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.30 23:39:53 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Songs needed in HQ
[2010.11.30 23:39:44 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\High Quality
[2010.11.30 20:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2010.11.30 20:16:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Native Instruments
[2010.11.30 20:05:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Native Instruments
[2010.11.30 17:39:02 | 000,000,000 | ---D | C] -- C:\Programme\Native Instruments
[2010.11.29 22:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.11.29 22:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\backups
[2010.11.29 22:07:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SourceCode
[2010.11.29 22:07:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\files
[2010.11.29 22:07:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Docs
[2010.11.25 00:31:12 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\FUSSBALL MANAGER 10 ONLINE
[2010.11.24 16:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.11.24 16:08:11 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\FUSSBALL MANAGER 10
[2010.11.24 15:43:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2010.11.22 18:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2010.11.22 18:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2010.11.22 18:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.15 10:40:18 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2010.12.15 10:39:16 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.15 10:39:16 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.15 10:36:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.12.15 10:19:22 | 002,760,605 | ---- | M] () -- C:\Users\***\Desktop\otl4_htm.zip
[2010.12.15 09:40:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.15 09:40:18 | 3207,114,752 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.14 15:18:33 | 000,004,604 | ---- | M] () -- C:\Users\***\Desktop\Abschlussbericht.xml
[2010.12.10 15:03:59 | 159,383,596 | ---- | M] () -- C:\Users\***\Desktop\yep.wav
[2010.12.10 13:05:18 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.10 13:05:18 | 000,657,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.12.10 13:05:18 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.10 13:05:18 | 000,131,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.12.10 13:05:18 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.07 20:02:42 | 000,027,258 | ---- | M] () -- C:\Users\Public\Documents\cc_20101207_200238.reg
[2010.11.30 20:16:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_a2djusb_01009.Wdf
[2010.11.29 22:07:13 | 000,085,888 | ---- | M] () -- C:\Program Files (x86)\Uninstall.exe
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.15 10:19:06 | 002,760,605 | ---- | C] () -- C:\Users\***\Desktop\otl4_htm.zip
[2010.12.14 15:18:33 | 000,004,604 | ---- | C] () -- C:\Users\***\Desktop\Abschlussbericht.xml
[2010.12.10 14:48:56 | 159,383,596 | ---- | C] () -- C:\Users\***\Desktop\yep.wav
[2010.12.07 20:02:40 | 000,027,258 | ---- | C] () -- C:\Users\Public\Documents\cc_20101207_200238.reg
[2010.11.30 20:16:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_a2djusb_01009.Wdf
[2010.11.29 22:07:16 | 000,578,541 | ---- | C] () -- C:\Program Files (x86)\WinSetupFromUSB.log
[2010.11.29 22:07:10 | 000,085,888 | ---- | C] () -- C:\Program Files (x86)\Uninstall.exe
[2010.09.24 13:00:12 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.31 10:50:30 | 000,000,241 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.08.31 10:50:30 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.08.31 10:50:12 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.08.31 10:50:12 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.08.08 18:21:23 | 000,000,032 | ---- | C] () -- C:\Users\***\AppData\Local\xobni_installer_updater.log
[2010.08.07 15:32:58 | 000,011,264 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.31 10:11:13 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.27 11:53:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.16 21:57:25 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.23 23:59:54 | 000,514,773 | ---- | C] () -- C:\Program Files (x86)\WinSetupFromUSB_0-1-1.exe
[2008.10.23 23:59:45 | 000,013,326 | ---- | C] () -- C:\Program Files (x86)\ReadMe.txt
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
 
========== LOP Check ==========
 
[2010.10.17 20:54:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ableton
[2010.07.27 22:35:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.07.31 10:32:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.07 17:42:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2010.09.28 12:44:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader
[2010.09.28 11:54:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GHISLER
[2010.10.29 07:39:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2010.07.27 23:37:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010.08.01 13:07:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2010.10.03 21:22:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Steinberg
[2010.07.31 10:11:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2010.11.02 14:50:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2010.08.15 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.10.03 22:11:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VST3 Presets
[2010.11.02 23:27:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2010.10.24 13:00:14 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
 
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
 
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
 
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
 
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
 
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
 
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2009.11.20 23:09:48 | 000,537,112 | ---- | M] (Intel Corporation) MD5=073A606333B6F7BBF20AA856DF7F0997 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_53f33454d751d4bd\iaStor.sys
 
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
 
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
 
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< End of report >

Etotherik 15.12.2010 11:17
OTL Extra:

Code:
OTL Extras logfile created on: 15.12.2010 10:37:50 - Run 1
OTL by OldTimer - Version 3.2.17.3    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,72 Gb Total Space | 239,16 Gb Free Space | 52,60% Space Free | Partition Type: NTFS
 
Computer Name: ERIK-VAIO | User Name: Erik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit)
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA57D9DF-BE05-416A-96E4-2BB4884308E7}" = MSI_SPF_x64
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{119F5471-91A6-47CC-80AB-380845C08E27}" = LevelR
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen 2.42
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D1464A-1C54-451E-B780-3ECB3DF8BD4E}" = VAIO Content Monitoring Settings
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 22
"{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44E0DB64-566D-4126-82E6-206B4D76E902}" = VAIO Original Function Settings
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{50FF1E1F-F8ED-4B63-AF68-5AB15F23F089}" = VAIO Care
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.0.0
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7D556460-6E5A-4C53-BCDD-7A7EAEBC169A}" = VAIO Entertainment Platform
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84FFB317-A08A-4AEE-95EA-7FBA69A3F924}" = VAIO Entertainment Platform
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite MFC-235C
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0}" = pdfforge Toolbar v4.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"Digsby" = Digsby
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.3.4.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreePDF_XP" = FreePDF (Remove only)
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"IrfanView" = IrfanView (remove only)
"Live 8.1.4" = Live 8.1.4
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Native Instruments Audio 2 DJ" = Native Instruments Audio 2 DJ
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"rgc:audio Triangle II Monophonic Synthesizer_is1" = rgc:audio Triangle II
"ShotOnline" = ShotOnline
"SopCast" = SopCast 3.2.9
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WinSetupFromUSB" = WinSetupFromUSB
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.11.2010 12:58:51 | Computer Name = Erik-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2028
 
Error - 30.11.2010 12:58:51 | Computer Name = Erik-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2028
 
Error - 30.11.2010 14:53:06 | Computer Name = Erik-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 30.11.2010 14:53:06 | Computer Name = Erik-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6857585
 
Error - 30.11.2010 14:53:06 | Computer Name = Erik-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6857585
 
Error - 01.12.2010 04:40:10 | Computer Name = Erik-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: digsby-app.exe, Version: 1.0.0.0,
 Zeitstempel: 0x49c25e1d  Name des fehlerhaften Moduls: libxml2.dll, Version: 0.0.0.0,
 Zeitstempel: 0x4c07c98d  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0007ad3a  ID des fehlerhaften
 Prozesses: 0xd88  Startzeit der fehlerhaften Anwendung: 0x01cb912d1663ed04  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Digsby\lib\digsby-app.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\Digsby\lib\libxml2.dll  Berichtskennung:
 9b198f06-fd26-11df-ae2d-f07bcbe88348
 
Error - 01.12.2010 11:18:43 | Computer Name = Erik-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften Prozesses:
 0x524  Startzeit der fehlerhaften Anwendung: 0x01cb916ab929c9e4  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Audacity\audacity.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 4820e8a4-fd5e-11df-90d4-f07bcbe88348
 
Error - 01.12.2010 12:18:16 | Computer Name = Erik-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften Prozesses:
 0x524  Startzeit der fehlerhaften Anwendung: 0x01cb917355cbb515  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Audacity\audacity.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 99fc583b-fd66-11df-90d4-f07bcbe88348
 
Error - 01.12.2010 12:18:53 | Computer Name = Erik-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften Prozesses:
 0x464  Startzeit der fehlerhaften Anwendung: 0x01cb91736aca01f6  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Audacity\audacity.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: affb9e1f-fd66-11df-90d4-f07bcbe88348
 
Error - 01.12.2010 12:19:58 | Computer Name = Erik-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften Prozesses:
 0x1770  Startzeit der fehlerhaften Anwendung: 0x01cb917377eeea6c  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Audacity\audacity.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: d6e917aa-fd66-11df-90d4-f07bcbe88348
 
[ System Events ]
Error - 06.12.2010 06:17:06 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 06.12.2010 06:25:35 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 06.12.2010 07:17:43 | Computer Name = Erik-VAIO | Source = DCOM | ID = 10010
Description =
 
Error - 06.12.2010 07:21:25 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 06.12.2010 11:40:39 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 07.12.2010 03:26:38 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 07.12.2010 08:15:57 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 07.12.2010 13:14:21 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 07.12.2010 15:36:09 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 08.12.2010 05:44:23 | Computer Name = Erik-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
 
< End of report >

Etotherik 15.12.2010 11:20
Malwarebytes Quickscan

Code:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5317

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.12.2010 11:20:24
mbam-log-2010-12-15 (11-20-24).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156048
Laufzeit: 2 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Etotherik 15.12.2010 11:49
Gmer Log:

Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2010-12-15 11:48:03
Windows 6.1.7600 
Running: k2p5g4mo.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0011b107a3a4                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076d49816                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe88348                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe88348@68ebae3c245f                            0xDC 0x1C 0xA6 0xEE ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe88348@70f395817dea                            0x0D 0x4C 0x73 0xFA ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe88348@002243e3cc38                            0x1D 0x3A 0xCE 0x5F ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x2F 0x8E 0x5E 0x9F ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0xC1 0xC3 0x3A 0x0F ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x6D 0x60 0x2F 0x0B ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0011b107a3a4 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076d49816 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe88348 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe88348@68ebae3c245f                                0xDC 0x1C 0xA6 0xEE ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe88348@70f395817dea                                0x0D 0x4C 0x73 0xFA ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe88348@002243e3cc38                                0x1D 0x3A 0xCE 0x5F ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x2F 0x8E 0x5E 0x9F ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0xC1 0xC3 0x3A 0x0F ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x6D 0x60 0x2F 0x0B ...

---- EOF - GMER 1.0.15 ----

Etotherik 17.12.2010 13:31
kann mir jemand helfen? :abklatsch:

cosinus 17.12.2010 15:49
Zitat:
Art des Suchlaufs: Quick-Scan
Hallo und :hallo:

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Etotherik 17.12.2010 21:53
Hier das Ergebnis des vollständigen Suchlaufes

Code:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5345

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.12.2010 21:52:13
mbam-log-2010-12-17 (21-52-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 353293
Laufzeit: 54 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 19.12.2010 15:27
Sieht unauffällig aus. Werden immer noch die Seiten umgelenkt?
Wenn ja, hast du zufällig einen Router, bei dem das Standardpasswort nicht verändert wurde?

Etotherik 19.12.2010 17:09
nein hab extra ein anderes password. bin auch der einzige im wlan net unserer wg mit diesem problem.

es öffnen sich auch manchmal einfach neue tabs mit spam seiten. es nervt!

aber extra deswegen den pc neu zumachen wäre äußerst schlecht!

cosinus 19.12.2010 17:41
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Etotherik 20.12.2010 22:42
Combofix Log

Code:
ComboFix 10-12-20.01 - Erik 20.12.2010  21:12:30.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.4078.2237 [GMT 1:00]
ausgeführt von:: c:\users\Erik\Desktop\cofi.exe
AV: COMODO Antivirus *Disabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Disabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\SysWow64\ui

.
(((((((((((((((((((((((  Dateien erstellt von 2010-11-20 bis 2010-12-20  ))))))))))))))))))))))))))))))
.

2010-12-20 20:59 . 2010-12-20 20:59        --------        d-----w-        c:\users\Default\AppData\Local\temp
2010-12-20 16:15 . 2010-12-20 16:15        --------        d--h--w-        c:\programdata\CanonBJ
2010-12-20 16:15 . 2009-07-14 01:40        83968        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\CNBPP3.DLL
2010-12-19 10:55 . 2010-12-19 10:55        --------        d-----w-        c:\users\Erik\AppData\Roaming\PC-FAX TX
2010-12-17 11:59 . 2010-11-10 05:35        8199504        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E3E71186-8082-49F4-A566-F385520C03E1}\mpengine.dll
2010-12-13 14:52 . 2010-12-13 14:52        --------        d-----w-        c:\program files (x86)\ESET
2010-12-13 14:37 . 2010-12-13 14:39        --------        d-----w-        c:\program files (x86)\trend micro
2010-12-07 18:50 . 2010-12-07 18:50        --------        d-----w-        c:\program files\CCleaner
2010-12-07 17:00 . 2010-12-07 17:00        --------        d-----w-        c:\users\Erik\AppData\Roaming\Malwarebytes
2010-12-07 17:00 . 2010-11-29 16:42        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-07 17:00 . 2010-12-07 17:00        --------        d-----w-        c:\programdata\Malwarebytes
2010-12-07 17:00 . 2010-12-07 17:00        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-07 17:00 . 2010-11-29 16:42        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-12-06 11:21 . 2010-12-06 11:21        --------        dc-h--w-        c:\programdata\{09E0C01F-3E52-43FD-9043-3A75BA69A3D0}
2010-12-04 13:20 . 2010-12-04 13:20        --------        d-----w-        c:\users\Erik\AppData\Local\Sunbelt Software
2010-12-04 13:13 . 2010-12-06 10:21        --------        dc----w-        c:\programdata\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2010-12-04 13:13 . 2010-12-04 13:22        --------        d-----w-        c:\programdata\Lavasoft
2010-12-04 13:13 . 2010-12-04 13:13        --------        d-----w-        c:\program files (x86)\Lavasoft
2010-12-01 18:08 . 2010-12-01 18:08        --------        dc-h--w-        c:\programdata\{013BB0BF-30DA-4354-AD33-636A6EB72DA6}
2010-12-01 18:08 . 2010-12-01 18:08        --------        d-----w-        c:\program files (x86)\Common Files\Native Instruments
2010-12-01 18:08 . 2010-12-01 18:08        --------        dc-h--w-        c:\programdata\{BB25779E-744C-48F3-94DE-CD6F60A5AC55}
2010-12-01 18:07 . 2010-12-01 18:07        --------        dc-h--w-        c:\programdata\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
2010-12-01 15:16 . 2010-12-01 15:16        --------        d-----w-        c:\program files (x86)\Audacity
2010-11-30 23:26 . 2010-12-07 18:59        --------        d-----w-        c:\programdata\Spybot - Search & Destroy
2010-11-30 23:26 . 2010-11-30 23:26        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy
2010-11-30 19:16 . 2010-11-30 19:16        --------        d-----w-        c:\programdata\Native Instruments
2010-11-30 19:16 . 2010-12-01 18:08        --------        d-----w-        c:\program files\Common Files\Native Instruments
2010-11-30 19:05 . 2010-12-01 17:47        --------        d-----w-        c:\program files (x86)\Native Instruments
2010-11-30 16:39 . 2010-12-06 11:21        --------        d-----w-        c:\program files\Native Instruments
2010-11-29 21:28 . 2010-11-30 12:08        --------        d-----w-        c:\program files (x86)\DAEMON Tools Lite
2010-11-29 21:15 . 2010-11-29 22:22        --------        d-----w-        c:\program files (x86)\backups
2010-11-29 21:07 . 2010-11-29 21:07        --------        d-----w-        c:\program files (x86)\SourceCode
2010-11-29 21:07 . 2010-11-29 21:07        85888        ----a-w-        c:\program files (x86)\Uninstall.exe
2010-11-29 21:07 . 2010-11-29 21:07        --------        d-----w-        c:\program files (x86)\files
2010-11-29 21:07 . 2010-11-29 21:07        --------        d-----w-        c:\program files (x86)\Docs
2010-11-24 15:49 . 2010-11-25 07:29        --------        d-----w-        c:\programdata\Electronic Arts
2010-11-24 15:09 . 2008-07-12 07:18        3851784        ----a-w-        c:\windows\SysWow64\D3DX9_39.dll
2010-11-24 14:43 . 2010-11-24 14:43        --------        d-----w-        c:\program files (x86)\EA SPORTS
2010-11-22 17:44 . 2010-12-07 19:32        --------        d-----w-        c:\program files (x86)\pdfforge Toolbar
2010-11-22 17:44 . 2010-11-22 17:44        --------        d-----w-        c:\program files (x86)\Application Updater
2010-11-22 17:44 . 2010-11-22 17:44        --------        d-----w-        c:\program files (x86)\Common Files\Spigot

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-20 10:51 . 2010-10-20 10:51        92240        ----a-w-        c:\windows\system32\drivers\a2djusb.sys
2010-10-20 10:51 . 2010-10-20 10:51        353360        ----a-w-        c:\windows\system32\drivers\a2djavs.sys
2010-10-19 09:41 . 2010-07-30 11:14        270720        ------w-        c:\windows\system32\MpSigStub.exe
2010-09-24 12:00 . 2010-09-24 12:00        952        --sha-w-        c:\programdata\KGyGaAvL.sys
2008-10-23 23:20 . 2008-10-23 22:59        514773        ----a-w-        c:\program files (x86)\WinSetupFromUSB_0-1-1.exe
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-12 1125152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BrMfcWnd"=c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"ControlCenter3"=c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
"FreePDF Assistant"=c:\program files (x86)\FreePDF_XP\fpassist.exe
"SHTtray.exe"=c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-11-25 362992]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R3 a2djavs;Audio 2 DJ WDM Audio;c:\windows\system32\Drivers\a2djavs.sys [2010-10-20 353360]
R3 a2djavs_x64;a2djavs_x64;c:\windows\system32\Drivers\a2djavs_x64.sys [2009-04-21 44560]
R3 a2djusb_svc;Audio 2 DJ;c:\windows\system32\Drivers\a2djusb.sys [2010-10-20 92240]
R3 a2djusb_x64;a2djusb_x64;c:\windows\system32\Drivers\a2djusb_x64.sys [2009-04-21 249872]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-18 334888]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-18 39464]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-03-03 158720]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-11-25 313840]
R3 SampleCollector;Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2010-03-25 168448]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-19 50688]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-27 834544]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2010-09-10 20864]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-09-10 249496]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-09-10 33208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-10-19 5250048]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-03-19 93184]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-03-19 77312]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-02-24 108400]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-02-24 422768]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-02-24 67952]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-08-26 1403200]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-03-18 852336]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-03-08 822784]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-03-18 86120]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-02-11 12032]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-02-08 302448]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-24 11856]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-10-20 393216]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-22 16397416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-25 10060320]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-10 8892360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/home
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to Mp3 Converter - c:\users\Erik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0198mpz3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-Run-Apoint - %ProgramFiles%\Apoint\Apoint.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-2480485352-2265328641-4172169212-1001\Software\SecuROM\License information*]
"datasecu"=hex:04,f4,12,c6,7c,f4,61,b5,3b,9e,7f,cd,50,36,cd,4e,ee,42,29,99,66,
  c8,ed,55,cd,94,21,3c,6f,d3,b1,05,ae,4d,b6,77,58,0b,59,84,06,ba,2b,8e,cf,e2,\
"rkeysecu"=hex:7e,69,d5,74,a1,f1,a7,fe,40,97,6f,c2,ea,fc,53,16

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2010-12-20  22:32:12
ComboFix-quarantined-files.txt  2010-12-20 21:32

Vor Suchlauf: 14 Verzeichnis(se), 257.446.096.896 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 257.193.590.784 Bytes frei

- - End Of File - - 8AB1279C4BDB06C5DF0AB2A262F582F8

cosinus 21.12.2010 09:34
Zitat:
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
Von Personal-Firewall-Geschichten kann ich nur abraten...deinstallieren und Windows-Firewall ggf. mit DSL-Router verwenden ist effektiver - weniger ist mehr.

Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

Etotherik 21.12.2010 12:50
ok danke für den tipp! und als free antivir prog? kann ich da weiterhin comodo benutzen oder lieber anti vir?

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Home Premium Edition
Windows Information:                (build 7600), 64-bit
Base Board Manufacturer:        Sony Corporation
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                Sony Corporation
System Product Name:                VPCF12C5E
Logical Drives Mask:                0x00000034

Kernel Drivers (total 202):
  0x0341A000 \SystemRoot\system32\ntoskrnl.exe
  0x039F6000 \SystemRoot\system32\hal.dll
  0x00BAD000 \SystemRoot\system32\kdcom.dll
  0x00C12000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00C56000 \SystemRoot\system32\PSHED.dll
  0x00C6A000 \SystemRoot\system32\CLFS.SYS
  0x00CC8000 \SystemRoot\system32\CI.dll
  0x00E2B000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00ECF000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x01097000 \SystemRoot\System32\Drivers\spzl.sys
  0x011BD000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x011C6000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x01000000 \SystemRoot\system32\drivers\ACPI.sys
  0x01057000 \SystemRoot\system32\drivers\msisadrv.sys
  0x01061000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00EDE000 \SystemRoot\system32\drivers\pci.sys
  0x0106E000 \SystemRoot\System32\drivers\partmgr.sys
  0x01083000 \SystemRoot\system32\drivers\compbatt.sys
  0x00F11000 \SystemRoot\system32\drivers\BATTC.SYS
  0x00F1D000 \SystemRoot\system32\drivers\volmgr.sys
  0x00F32000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00F8E000 \SystemRoot\System32\drivers\mountmgr.sys
  0x012A1000 \SystemRoot\system32\drivers\iaStor.sys
  0x014A9000 \SystemRoot\system32\drivers\atapi.sys
  0x014B2000 \SystemRoot\system32\drivers\ataport.SYS
  0x014DC000 \SystemRoot\system32\drivers\amdxata.sys
  0x014E7000 \SystemRoot\system32\drivers\fltmgr.sys
  0x01533000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01547000 \SystemRoot\System32\Drivers\PxHlpa64.sys
  0x01608000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01553000 \SystemRoot\System32\Drivers\msrpc.sys
  0x017AB000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x01200000 \SystemRoot\System32\Drivers\cng.sys
  0x017C5000 \SystemRoot\System32\drivers\pcw.sys
  0x017D6000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x01867000 \SystemRoot\system32\drivers\ndis.sys
  0x01959000 \SystemRoot\system32\drivers\NETIO.SYS
  0x019B9000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01A00000 \SystemRoot\System32\drivers\tcpip.sys
  0x01800000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x015B1000 \SystemRoot\system32\drivers\volsnap.sys
  0x0184A000 \SystemRoot\System32\Drivers\spldr.sys
  0x00FA8000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01852000 \SystemRoot\System32\Drivers\mup.sys
  0x019E4000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x00D88000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x017E0000 \SystemRoot\system32\drivers\disk.sys
  0x00DC2000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x04512000 \SystemRoot\System32\DRIVERS\cmderd.sys
  0x0451B000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x04545000 \SystemRoot\System32\DRIVERS\cmdguard.sys
  0x04587000 \SystemRoot\System32\Drivers\Null.SYS
  0x04590000 \SystemRoot\System32\Drivers\Beep.SYS
  0x04597000 \SystemRoot\System32\drivers\vga.sys
  0x045A5000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x045CA000 \SystemRoot\System32\drivers\watchdog.sys
  0x045DA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x045E3000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x045EC000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x045F5000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x04200000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x04211000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x0422F000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x0423C000 \SystemRoot\System32\DRIVERS\cmdhlp.sys
  0x04247000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x02E60000 \SystemRoot\system32\drivers\afd.sys
  0x02EEA000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x02EF3000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x02F19000 \SystemRoot\system32\DRIVERS\vwififlt.sys
  0x02F2F000 \SystemRoot\system32\DRIVERS\inspect.sys
  0x02F47000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x02F56000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x02F71000 \SystemRoot\system32\drivers\termdd.sys
  0x02F85000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x02FD6000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x02FE2000 \SystemRoot\system32\drivers\mssmbios.sys
  0x02FED000 \SystemRoot\System32\drivers\discache.sys
  0x02E00000 \SystemRoot\System32\Drivers\dfsc.sys
  0x02E1E000 \SystemRoot\system32\drivers\blbdrive.sys
  0x02E2F000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x04A36000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x0555D000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
  0x0463D000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x04731000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x04777000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x0479B000 \SystemRoot\system32\drivers\usbehci.sys
  0x0555F000 \SystemRoot\system32\drivers\USBPORT.SYS
  0x05898000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
  0x05F45000 \SystemRoot\system32\DRIVERS\vwifibus.sys
  0x05F52000 \SystemRoot\system32\DRIVERS\sdbus.sys
  0x05F72000 \SystemRoot\system32\drivers\rimssne64.sys
  0x05F92000 \SystemRoot\system32\drivers\1394ohci.sys
  0x05FD0000 \SystemRoot\system32\drivers\risdsne64.sys
  0x05800000 \SystemRoot\system32\DRIVERS\yk62x64.sys
  0x05864000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x05882000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x047AC000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
  0x05FE9000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x05FF8000 \SystemRoot\system32\drivers\SFEP.sys
  0x04600000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x055B5000 \SystemRoot\System32\Drivers\auulkwpg.SYS
  0x0460D000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x04616000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x05FFB000 \SystemRoot\system32\drivers\CmBatt.sys
  0x0462C000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x04A00000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x0428C000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04A16000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x042B0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x01273000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x00E00000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x00FE2000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x05891000 \SystemRoot\system32\drivers\swenum.sys
  0x0622C000 \SystemRoot\system32\drivers\ks.sys
  0x0626F000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x06281000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x062DB000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x062F0000 \SystemRoot\system32\drivers\nvhda64v.sys
  0x06309000 \SystemRoot\system32\drivers\portcls.sys
  0x06346000 \SystemRoot\system32\drivers\drmk.sys
  0x06368000 \SystemRoot\system32\drivers\ksthunk.sys
  0x07C7F000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x07EA8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x07EC5000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x07EC7000 \SystemRoot\System32\Drivers\usbvideo.sys
  0x07EF5000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
  0x000D0000 \SystemRoot\System32\win32k.sys
  0x07C00000 \SystemRoot\System32\drivers\Dxapi.sys
  0x07C24000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x07C32000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x07C4B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x07C54000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x07C61000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x042DF000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0x06200000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x021A2000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x00530000 \SystemRoot\System32\TSDDD.dll
  0x00740000 \SystemRoot\System32\cdd.dll
  0x021B0000 \SystemRoot\system32\drivers\luafv.sys
  0x021D3000 \SystemRoot\system32\drivers\WudfPf.sys
  0x06213000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x072EF000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x07342000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x07355000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x07200000 \SystemRoot\system32\drivers\HTTP.sys
  0x072C8000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x0736D000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x07385000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x073B2000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x044E7000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x0820D000 \SystemRoot\System32\Drivers\adfs.SYS
  0x08225000 \SystemRoot\system32\drivers\peauth.sys
  0x082CB000 \??\C:\Windows\system32\drivers\regi.sys
  0x082D3000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x082DE000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x0830B000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x0831D000 \SystemRoot\system32\DRIVERS\vwifimp.sys
  0x08327000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x09421000 \SystemRoot\System32\DRIVERS\srv.sys
  0x094B7000 \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
  0x09530000 \SystemRoot\System32\Drivers\a2djusb.sys
  0x0954B000 \SystemRoot\System32\Drivers\a2djavs.sys
  0x77540000 \Windows\System32\ntdll.dll
  0x478A0000 \Windows\System32\smss.exe
  0xFF860000 \Windows\System32\apisetschema.dll
  0xFF3E0000 \Windows\System32\autochk.exe
  0xFF7D0000 \Windows\System32\shlwapi.dll
  0xFF6F0000 \Windows\System32\advapi32.dll
  0xFF610000 \Windows\System32\oleaut32.dll
  0xFF570000 \Windows\System32\comdlg32.dll
  0xFF390000 \Windows\System32\setupapi.dll
  0xFF210000 \Windows\System32\urlmon.dll
  0xFF170000 \Windows\System32\msvcrt.dll
  0xFF140000 \Windows\System32\imm32.dll
  0x77710000 \Windows\System32\psapi.dll
  0xFF120000 \Windows\System32\sechost.dll
  0xFF050000 \Windows\System32\usp10.dll
  0xFF040000 \Windows\System32\lpk.dll
  0xFEFF0000 \Windows\System32\ws2_32.dll
  0xFEFD0000 \Windows\System32\imagehlp.dll
  0x77700000 \Windows\System32\normaliz.dll
  0xFEF50000 \Windows\System32\difxapi.dll
  0xFED40000 \Windows\System32\ole32.dll
  0x77440000 \Windows\System32\user32.dll
  0xFECA0000 \Windows\System32\clbcatq.dll
  0xFEC50000 \Windows\System32\Wldap32.dll
  0xFEC40000 \Windows\System32\nsi.dll
  0xFDEB0000 \Windows\System32\shell32.dll
  0xFDD80000 \Windows\System32\wininet.dll
  0xFDC70000 \Windows\System32\msctf.dll
  0x77320000 \Windows\System32\kernel32.dll
  0xFDA10000 \Windows\System32\iertutil.dll
  0xFD8E0000 \Windows\System32\rpcrt4.dll
  0xFD870000 \Windows\System32\gdi32.dll
  0xFD7D0000 \Windows\System32\comctl32.dll
  0xFD660000 \Windows\System32\crypt32.dll
  0xFD5F0000 \Windows\System32\KernelBase.dll
  0xFD5B0000 \Windows\System32\wintrust.dll
  0xFD590000 \Windows\System32\devobj.dll
  0xFD550000 \Windows\System32\cfgmgr32.dll
  0xFD540000 \Windows\System32\msasn1.dll
  0x75CD0000 \Windows\SysWOW64\normaliz.dll

Processes (total 81):
      0 System Idle Process
      4 System
    392 C:\Windows\System32\smss.exe
    572 csrss.exe
    656 C:\Windows\System32\wininit.exe
    672 csrss.exe
    732 C:\Windows\System32\services.exe
    748 C:\Windows\System32\lsass.exe
    756 C:\Windows\System32\lsm.exe
    904 C:\Windows\System32\svchost.exe
    976 C:\Windows\System32\nvvsvc.exe
    144 C:\Windows\System32\svchost.exe
    588 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    768 C:\Windows\System32\winlogon.exe
    900 C:\Windows\System32\svchost.exe
    1016 C:\Windows\System32\svchost.exe
    1068 C:\Windows\System32\svchost.exe
    1112 C:\Windows\System32\svchost.exe
    1340 C:\Windows\System32\svchost.exe
    1572 C:\Windows\System32\nvvsvc.exe
    1676 C:\Windows\System32\wlanext.exe
    1692 C:\Windows\System32\conhost.exe
    1792 C:\Windows\System32\spoolsv.exe
    1848 C:\Windows\System32\svchost.exe
    1956 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1996 C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    2024 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1088 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    1292 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    1520 C:\Windows\System32\svchost.exe
    1916 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    1808 C:\Windows\SysWOW64\PnkBstrA.exe
    2088 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    2128 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    2172 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    2216 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    2412 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    2476 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    2512 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    2596 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    2672 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    2748 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    2784 unsecapp.exe
    2812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    2928 WmiPrvSE.exe
    2972 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    2564 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
    3128 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    3212 dllhost.exe
    3780 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    3884 C:\Windows\System32\svchost.exe
    4064 C:\Windows\System32\svchost.exe
    4744 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    4828 C:\Windows\System32\svchost.exe
    4900 C:\Program Files\Windows Media Player\wmpnetwk.exe
    2644 C:\Windows\System32\taskhost.exe
    3232 C:\Windows\System32\taskeng.exe
    896 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
    4052 C:\Windows\System32\dwm.exe
    4628 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    1160 C:\Windows\explorer.exe
    4716 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    5020 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    4176 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    944 C:\Program Files\Windows Sidebar\sidebar.exe
    1040 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    2044 C:\Windows\System32\audiodg.exe
    3140 C:\Windows\SysWOW64\rundll32.exe
    2620 WmiPrvSE.exe
    2496 C:\Windows\System32\svchost.exe
    5248 dllhost.exe
    5504 C:\Program Files (x86)\Digsby\lib\digsby-app.exe
    5536 C:\Program Files (x86)\Skype\Phone\Skype.exe
    5824 C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    1084 C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    4588 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    1800 dllhost.exe
    5356 dllhost.exe
    5684 C:\Users\****\Desktop\MBRCheck.exe
    5548 C:\Windows\System32\conhost.exe
    2948 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`c2800000  (NTFS)

PhysicalDrive0 Model Number: ST9500420AS, Rev: 0002SDM2

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0  MBR Code Faked!
            SHA1: 1BB72AA843C54C64E74C9F6C9BD22FA2AFA08966


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

cosinus 21.12.2010 12:57
Zitat:
und als free antivir prog? kann ich da weiterhin comodo benutzen oder lieber anti vir?
Du kannst auch das kostenlose Security Essentials von MS nehmen, das ist genauso gut wie jeder andere Virenscanner aber nervt nicht so penetrant mit Popups! :mad:

Zitat:
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 1BB72AA843C54C64E74C9F6C9BD22FA2AFA08966
Noch andere betriebsssteme drauf oder nur Win7?

Etotherik 21.12.2010 15:22
nur win7 64 bit home premium

cosinus 21.12.2010 22:20
hast du eine Win7-DVD zur Hand? (wenn nicht besorg sie dir bitte)

Boote den Rechner von dieser DVD, klick auf Computerreparaturoptionen, weiter, Eingabeaufforderung - die Konsole öffnet sich. Da bitte bootrec.exe /fixboot eintippen (mit enter bestätigen), dann bootrec.exe /fixmbr eintippen (mit enter bestätigen) - Rechner neustarten, CD vorher rausnehmen - mach ein neues Log mit mbrcheck und poste es

Etotherik 22.12.2010 19:50
MBRCheck nach Fixboot und Fixmbr

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Home Premium Edition
Windows Information:                (build 7600), 64-bit
Base Board Manufacturer:        Sony Corporation
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                Sony Corporation
System Product Name:                VPCF12C5E
Logical Drives Mask:                0x0000003c

Kernel Drivers (total 200):
  0x03400000 \SystemRoot\system32\ntoskrnl.exe
  0x039DC000 \SystemRoot\system32\hal.dll
  0x00B99000 \SystemRoot\system32\kdcom.dll
  0x00C0B000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00C4F000 \SystemRoot\system32\PSHED.dll
  0x00C63000 \SystemRoot\system32\CLFS.SYS
  0x00CC1000 \SystemRoot\system32\CI.dll
  0x00E59000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EFD000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x0107E000 \SystemRoot\System32\Drivers\spgk.sys
  0x011A4000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x011AD000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x01000000 \SystemRoot\system32\drivers\ACPI.sys
  0x01057000 \SystemRoot\system32\drivers\msisadrv.sys
  0x01061000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00F0C000 \SystemRoot\system32\drivers\pci.sys
  0x011DC000 \SystemRoot\System32\drivers\partmgr.sys
  0x011F1000 \SystemRoot\system32\drivers\compbatt.sys
  0x0106E000 \SystemRoot\system32\drivers\BATTC.SYS
  0x00F3F000 \SystemRoot\system32\drivers\volmgr.sys
  0x00F54000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00FB0000 \SystemRoot\System32\drivers\mountmgr.sys
  0x012FB000 \SystemRoot\system32\drivers\iaStor.sys
  0x01503000 \SystemRoot\system32\drivers\atapi.sys
  0x0150C000 \SystemRoot\system32\drivers\ataport.SYS
  0x01536000 \SystemRoot\system32\drivers\amdxata.sys
  0x01541000 \SystemRoot\system32\drivers\fltmgr.sys
  0x0158D000 \SystemRoot\system32\drivers\fileinfo.sys
  0x015A1000 \SystemRoot\System32\Drivers\PxHlpa64.sys
  0x0164B000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01200000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01600000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x0125E000 \SystemRoot\System32\Drivers\cng.sys
  0x0161A000 \SystemRoot\System32\drivers\pcw.sys
  0x0162B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x018EA000 \SystemRoot\system32\drivers\ndis.sys
  0x01800000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01860000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01A02000 \SystemRoot\System32\drivers\tcpip.sys
  0x0188B000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x015AD000 \SystemRoot\system32\drivers\volsnap.sys
  0x018D5000 \SystemRoot\System32\Drivers\spldr.sys
  0x00E00000 \SystemRoot\System32\drivers\rdyboost.sys
  0x019DC000 \SystemRoot\System32\Drivers\mup.sys
  0x019EE000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x00D81000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x01635000 \SystemRoot\system32\drivers\disk.sys
  0x00FCA000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x04426000 \SystemRoot\System32\DRIVERS\cmderd.sys
  0x0442F000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x04459000 \SystemRoot\System32\DRIVERS\cmdguard.sys
  0x0449B000 \SystemRoot\System32\Drivers\Null.SYS
  0x044A4000 \SystemRoot\System32\Drivers\Beep.SYS
  0x044AB000 \SystemRoot\System32\drivers\vga.sys
  0x044B9000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x044DE000 \SystemRoot\System32\drivers\watchdog.sys
  0x044EE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x044F7000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x04500000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x04509000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x04514000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x04525000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x04543000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x04550000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x02E01000 \SystemRoot\system32\drivers\afd.sys
  0x02E8B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x02E94000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x02EBA000 \SystemRoot\system32\DRIVERS\vwififlt.sys
  0x02ED0000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x02EDF000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x02EFA000 \SystemRoot\system32\drivers\termdd.sys
  0x02F0E000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x02F5F000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x02F6B000 \SystemRoot\system32\drivers\mssmbios.sys
  0x02F76000 \SystemRoot\System32\drivers\discache.sys
  0x02F85000 \SystemRoot\System32\Drivers\dfsc.sys
  0x02FA3000 \SystemRoot\system32\drivers\blbdrive.sys
  0x02FB4000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x04A88000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x055AF000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
  0x04651000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x04745000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x0478B000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x047AF000 \SystemRoot\system32\drivers\usbehci.sys
  0x04A00000 \SystemRoot\system32\drivers\USBPORT.SYS
  0x05812000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
  0x05EBF000 \SystemRoot\system32\DRIVERS\vwifibus.sys
  0x05ECC000 \SystemRoot\system32\DRIVERS\sdbus.sys
  0x05EEC000 \SystemRoot\system32\drivers\rimssne64.sys
  0x05F0C000 \SystemRoot\system32\drivers\1394ohci.sys
  0x05F4A000 \SystemRoot\system32\drivers\risdsne64.sys
  0x05F63000 \SystemRoot\system32\DRIVERS\yk62x64.sys
  0x05FC7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x05FE5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x04600000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
  0x05800000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x0580F000 \SystemRoot\system32\drivers\SFEP.sys
  0x047C0000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x055B1000 \SystemRoot\System32\Drivers\au57dq5e.SYS
  0x05FF4000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x047CD000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x047E3000 \SystemRoot\system32\drivers\CmBatt.sys
  0x047E8000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x04A56000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x02FDA000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04A6C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x04595000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x045C4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x045DF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x012D1000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x05FFD000 \SystemRoot\system32\drivers\swenum.sys
  0x00DBB000 \SystemRoot\system32\drivers\ks.sys
  0x00E3A000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x0687D000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x068D7000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x068EC000 \SystemRoot\system32\drivers\nvhda64v.sys
  0x06905000 \SystemRoot\system32\drivers\portcls.sys
  0x06942000 \SystemRoot\system32\drivers\drmk.sys
  0x06964000 \SystemRoot\system32\drivers\ksthunk.sys
  0x07C70000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x07E99000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x07EB6000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x07EB8000 \SystemRoot\System32\Drivers\usbvideo.sys
  0x07EE6000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
  0x000E0000 \SystemRoot\System32\win32k.sys
  0x07EF0000 \SystemRoot\System32\drivers\Dxapi.sys
  0x07EFC000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x07F17000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x04200000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0x07F25000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x07F38000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x07F46000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x07F5F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x07F68000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x07F75000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x005C0000 \SystemRoot\System32\TSDDD.dll
  0x00760000 \SystemRoot\System32\cdd.dll
  0x07F83000 \SystemRoot\system32\drivers\luafv.sys
  0x07FA6000 \SystemRoot\system32\drivers\WudfPf.sys
  0x07FC7000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x07C00000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x07C53000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x07FDC000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x048A9000 \SystemRoot\system32\drivers\HTTP.sys
  0x04971000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x0498F000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x049A7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x04800000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0484E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x04871000 \SystemRoot\System32\Drivers\adfs.SYS
  0x08247000 \SystemRoot\system32\drivers\peauth.sys
  0x082ED000 \??\C:\Windows\system32\drivers\regi.sys
  0x082F5000 \SystemRoot\system32\DRIVERS\vwifimp.sys
  0x082FF000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x0830A000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x08337000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x08349000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x0696A000 \SystemRoot\System32\DRIVERS\srv.sys
  0x083B0000 \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
  0x083B8000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x779D0000 \Windows\System32\ntdll.dll
  0x47840000 \Windows\System32\smss.exe
  0xFFCF0000 \Windows\System32\apisetschema.dll
  0xFF2B0000 \Windows\System32\autochk.exe
  0xFFC40000 \Windows\System32\clbcatq.dll
  0xFFBA0000 \Windows\System32\comdlg32.dll
  0xFFB90000 \Windows\System32\lpk.dll
  0xFFA10000 \Windows\System32\urlmon.dll
  0xFF7B0000 \Windows\System32\iertutil.dll
  0x778D0000 \Windows\System32\user32.dll
  0xFF680000 \Windows\System32\wininet.dll
  0xFF5B0000 \Windows\System32\usp10.dll
  0xFF580000 \Windows\System32\imm32.dll
  0xFF560000 \Windows\System32\sechost.dll
  0xFF480000 \Windows\System32\oleaut32.dll
  0x77BA0000 \Windows\System32\psapi.dll
  0xFF410000 \Windows\System32\gdi32.dll
  0xFE680000 \Windows\System32\shell32.dll
  0xFE660000 \Windows\System32\imagehlp.dll
  0xFE610000 \Windows\System32\ws2_32.dll
  0xFE530000 \Windows\System32\advapi32.dll
  0x777B0000 \Windows\System32\kernel32.dll
  0xFE490000 \Windows\System32\msvcrt.dll
  0xFE2B0000 \Windows\System32\setupapi.dll
  0xFE2A0000 \Windows\System32\nsi.dll
  0xFE170000 \Windows\System32\rpcrt4.dll
  0xFE0F0000 \Windows\System32\shlwapi.dll
  0xFDEE0000 \Windows\System32\ole32.dll
  0xFDE60000 \Windows\System32\difxapi.dll
  0xFDD50000 \Windows\System32\msctf.dll
  0x77B90000 \Windows\System32\normaliz.dll
  0xFDD00000 \Windows\System32\Wldap32.dll
  0xFDB90000 \Windows\System32\crypt32.dll
  0xFDB20000 \Windows\System32\KernelBase.dll
  0xFDAE0000 \Windows\System32\wintrust.dll
  0xFDAC0000 \Windows\System32\devobj.dll
  0xFDA20000 \Windows\System32\comctl32.dll
  0xFD9E0000 \Windows\System32\cfgmgr32.dll
  0xFD9D0000 \Windows\System32\msasn1.dll
  0x77B80000 \Windows\SysWOW64\normaliz.dll

Processes (total 75):
      0 System Idle Process
      4 System
    368 C:\Windows\System32\smss.exe
    544 csrss.exe
    620 C:\Windows\System32\wininit.exe
    640 csrss.exe
    684 C:\Windows\System32\services.exe
    700 C:\Windows\System32\lsass.exe
    708 C:\Windows\System32\lsm.exe
    828 C:\Windows\System32\svchost.exe
    892 C:\Windows\System32\nvvsvc.exe
    932 C:\Windows\System32\svchost.exe
    1000 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    160 C:\Windows\System32\winlogon.exe
    552 C:\Windows\System32\svchost.exe
    676 C:\Windows\System32\svchost.exe
    916 C:\Windows\System32\svchost.exe
    764 C:\Windows\System32\svchost.exe
    1176 C:\Windows\System32\audiodg.exe
    1236 C:\Windows\System32\svchost.exe
    1436 C:\Windows\System32\nvvsvc.exe
    1576 C:\Windows\System32\wlanext.exe
    1584 C:\Windows\System32\conhost.exe
    1636 C:\Windows\System32\spoolsv.exe
    1684 C:\Windows\System32\svchost.exe
    1812 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1856 C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    1884 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1904 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    1944 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    1984 C:\Windows\System32\svchost.exe
    1164 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    1456 C:\Windows\SysWOW64\PnkBstrA.exe
    1708 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    2144 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    2176 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    2212 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    2240 C:\Windows\System32\svchost.exe
    2396 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    2440 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    2464 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    2508 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    2540 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    2588 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    2656 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    2740 dllhost.exe
    2788 unsecapp.exe
    2796 WmiPrvSE.exe
    2936 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    2288 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    2368 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
    3412 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    4028 C:\Windows\System32\svchost.exe
    4068 WUDFHost.exe
    856 C:\Windows\System32\taskhost.exe
    4120 C:\Windows\System32\taskeng.exe
    4132 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
    4144 C:\Windows\System32\dwm.exe
    4176 C:\Windows\explorer.exe
    4184 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    4448 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    4504 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    4616 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    4664 C:\Program Files\Windows Sidebar\sidebar.exe
    4704 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    4784 C:\Windows\SysWOW64\rundll32.exe
    3280 WmiPrvSE.exe
    4612 C:\Program Files\Windows Media Player\wmpnetwk.exe
    4364 C:\Windows\System32\svchost.exe
    5608 dllhost.exe
    5896 dllhost.exe
    5932 dllhost.exe
    5964 C:\Users\Erik\Desktop\System\MBRCheck.exe
    5976 C:\Windows\System32\conhost.exe
    6004 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`c2800000  (NTFS)

PhysicalDrive0 Model Number: ST9500420AS, Rev: 0002SDM2

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0  Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

cosinus 22.12.2010 20:55
Code:
      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0  Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Etotherik 23.12.2010 10:38
Malwarebytes neu
Code:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5345

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.12.2010 10:36:20
mbam-log-2010-12-23 (10-36-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 358817
Laufzeit: 1 Stunde(n), 22 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Etotherik 23.12.2010 11:36
SUPERAntiSpyware Scan Log

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/23/2010 at 11:23 AM

Application Version : 4.47.1000

Core Rules Database Version : 6061
Trace Rules Database Version: 3873

Scan type      : Complete Scan
Total Scan Time : 02:03:28

Memory items scanned      : 681
Memory threats detected  : 0
Registry items scanned    : 14358
Registry threats detected : 0
File items scanned        : 205247
File threats detected    : 2

Adware.Tracking Cookie
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\erik@2o7[2].txt
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\erik@perf.overture[1].txt


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:46 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19