Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected `` (https://www.trojaner-board.de/96836-tr-crypt-xpack-gen-antivir-gefunden-windwosmeldung-damaged-hard-disk-clusters-detected.html)

rivaldo22 25.03.2011 16:35
TR/Crypt.XPACK.Gen von Antivir gefunden und Windwosmeldung ``Damaged hard disk clusters detected ``
 
Hallo Leute ,
Seit gestern Abend nachdem ich so ein Java update bei mir durchgeführt habe taucht folgendes bei mir auf .

-Antivir kommt immer wieder mit der Meldung ,dass es den Trojaner hier gefunden hat : TR/Crypt.XPACK.Gen

-Desweiteren kommen solche Windows Meldungen :

Windows -Delayed write Filed

Windwos was unaeble to save all the data for the file
//System32//496A8300.The data has been lost.This error may be caused by a failure of your computer hardware.


Hard drive Failure

The System has detected a problem with one or more install IDE / SATA Hard disks.It is recommended that you restart the System.


Catalyst Control Centre :Host Application funktioniert nicht mehr .


Damaged hard drive Clusters detected.



Malwarebytes macht grad einen Vollscan und OTL habe ich auch schon gedownloadet .


Bin um jede Hilfe dankbar .Ihr seid meine letzte Hoffnung :(.


lg

Soo die Scans mit malwarebytes und OTL sind abgeschlossen hier die Logs:

Malwarebytes:
Malwarebytes

Datenbank Version: 6169

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.03.2011 16:51:58
mbam-log-2011-03-25 (16-51-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 288327
Laufzeit: 49 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
c:\programdata\scrrtwxnjagi.exe (Trojan.Downloader) -> 2788 -> No action taken.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sCRrtWXnjAgI (Trojan.Downloader) -> Value: sCRrtWXnjAgI -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\scrrtwxnjagi.exe (Trojan.Downloader) -> No action taken.
c:\Users\Vaio\AppData\Local\Temp\jar_cache262274732562599392.tmp (Trojan.Downloader) -> No action taken.
c:\Users\Vaio\Desktop\null0.017095613465911375.exe (Trojan.Downloader) -> No action taken.




OTL

LOG 1:OTL Logfile:
Code:
OTL logfile created on: 25.03.2011 16:55:01 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Vaio\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,16 Gb Total Space | 405,84 Gb Free Space | 89,17% Space Free | Partition Type: NTFS
 
Computer Name: VAIO-VAIO | User Name: Vaio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Vaio\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\sCRrtWXnjAgI.exe (FPAV)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Programme\Sony\VAIO Care\VCSpt.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Vaio\Downloads\OTL.exe (OldTimer Tools)
MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.21 23:36:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.21 23:36:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.02.28 18:53:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 16:35:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.24 16:35:52 | 000,000,000 | ---D | M]
 
[2010.01.10 19:14:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vaio\AppData\Roaming\mozilla\Extensions
[2011.03.25 00:36:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions
[2011.01.14 20:44:08 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.01.10 20:45:06 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Vaio\AppData\Roaming\mozilla\Firefox\Profiles\um5t1ii3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.14 21:37:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.14 21:37:32 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.01.21 23:36:48 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.01.21 23:36:49 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.02.28 18:53:53 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2010.10.13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011.03.24 16:35:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.24 16:35:49 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.24 16:35:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.24 16:35:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.24 16:35:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110114193924.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110114193924.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [InternetCalls] C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls)
O4 - HKCU..\Run: [sCRrtWXnjAgI] C:\ProgramData\sCRrtWXnjAgI.exe (FPAV)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.25 15:56:35 | 000,000,000 | ---D | C] -- C:\Users\Vaio\AppData\Roaming\Malwarebytes
[2011.03.25 15:56:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.03.25 15:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.25 15:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.25 15:56:24 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.03.25 15:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.03.25 14:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.03.25 01:05:26 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.25 00:32:26 | 000,546,304 | -H-- | C] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:23 | 000,546,304 | -H-- | C] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
[2011.03.15 21:49:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2011.03.15 17:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2011.03.15 17:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2011.03.15 17:52:11 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70v.dll
[2011.03.15 17:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011.03.15 17:51:40 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2011.03.15 17:50:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\HP
[2011.03.15 17:50:28 | 000,880,640 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_d02c.dll
[2011.03.15 17:50:28 | 000,748,544 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_d02c.dll
[2011.03.15 17:50:28 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2011.03.15 17:50:28 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2011.03.15 17:50:28 | 000,515,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_d02a.dll
[2011.03.09 14:05:46 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 14:05:46 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 14:05:46 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 14:05:46 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 14:05:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 14:05:45 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 14:05:45 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 14:05:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.03.09 14:05:42 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.03.09 14:05:42 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.03.09 14:05:41 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.03.09 14:05:41 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.03.07 00:24:55 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\InternetCalls
[2011.03.07 00:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetCalls
[2011.03.07 00:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InternetCalls.com
[2011.03.05 21:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Apple Computer
[2011.03.05 21:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Local\Apple Computer
[2011.03.05 21:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.03.05 21:55:09 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.03.05 21:55:09 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.03.05 21:55:09 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.03.05 21:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.03.05 21:53:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple Computer
[2011.03.05 21:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.03.05 21:52:52 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Local\Apple
[2011.03.05 21:52:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.03.05 21:52:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.03.05 21:52:23 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.03.05 21:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.03.05 21:52:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple
[2011.03.05 21:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.03.01 21:06:13 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\Documents\ICQ
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.25 16:25:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.25 15:56:28 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.25 15:54:12 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.25 15:54:12 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.25 15:44:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.25 14:14:55 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.25 14:14:37 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.25 01:06:18 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:18 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | M] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
[2011.03.24 19:20:55 | 000,030,326 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA31_82900_76001_99_9999.jpg
[2011.03.24 19:20:52 | 000,025,468 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_82900_37005_99_9999.jpg
[2011.03.24 19:20:47 | 000,014,688 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_82900_09090_76_6570.jpg
[2011.03.24 15:59:46 | 000,056,273 | -H-- | M] () -- C:\Users\Vaio\Desktop\catherine-zeta-jones-20060306-113776.jpg
[2011.03.24 15:53:20 | 000,024,889 | -H-- | M] () -- C:\Users\Vaio\Desktop\58592_catfight_angelina_megan.jpg
[2011.03.24 00:39:29 | 000,154,124 | -H-- | M] () -- C:\Users\Vaio\Desktop\4cb412f46e719.jpg
[2011.03.23 19:31:44 | 000,082,217 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_5887.JPG
[2011.03.22 22:06:21 | 000,072,330 | -H-- | M] () -- C:\Users\Vaio\Desktop\kingsize7.jpg
[2011.03.22 21:45:38 | 000,072,960 | -H-- | M] () -- C:\Users\Vaio\Desktop\149275_100928016647498_100001908993654_4881_8113473_n.jpg
[2011.03.21 20:58:49 | 000,085,252 | -H-- | M] () -- C:\Users\Vaio\Desktop\197460_203555469672615_100000544905088_676048_6808101_n.jpg
[2011.03.20 03:12:48 | 000,029,477 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_79821_09090_52_6435.jpg
[2011.03.20 03:10:12 | 000,018,218 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_78440_34015_71_6255.jpg
[2011.03.20 03:08:55 | 000,026,059 | -H-- | M] () -- C:\Users\Vaio\Desktop\DXLA01_79828_09090_72_6410.jpg
[2011.03.19 01:56:52 | 000,031,090 | -H-- | M] () -- C:\Users\Vaio\Desktop\106441_FP_AlyssaMilano_1.jpg
[2011.03.15 22:23:17 | 000,000,916 | -H-- | M] () -- C:\Users\Public\Documents\sprüche.rtf
[2011.03.15 17:55:15 | 000,146,721 | ---- | M] () -- C:\Windows\hpoins44.dat
[2011.03.15 17:11:40 | 000,005,463 | -H-- | M] () -- C:\Users\Vaio\Desktop\dfdfdf.rtf
[2011.03.14 16:01:33 | 000,000,230 | -H-- | M] () -- C:\Users\Public\Documents\frauena..rtf
[2011.03.12 03:30:11 | 000,003,584 | -H-- | M] () -- C:\Users\Vaio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.07 00:24:53 | 000,001,155 | -H-- | M] () -- C:\Users\Vaio\Desktop\InternetCalls.lnk
[2011.03.05 22:58:17 | 000,685,145 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0117.JPG
[2011.03.05 22:56:05 | 000,654,371 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0085.JPG
[2011.03.05 22:55:13 | 000,740,763 | -H-- | M] () -- C:\Users\Vaio\Desktop\IMG_0055.JPG
[2011.03.05 22:08:51 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.05 22:08:51 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.05 22:08:51 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.05 22:08:51 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.05 22:08:51 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.05 21:55:30 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.05 21:53:19 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.03.25 15:56:28 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.25 01:06:18 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:16 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | C] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.24 19:20:55 | 000,030,326 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA31_82900_76001_99_9999.jpg
[2011.03.24 19:20:52 | 000,025,468 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_82900_37005_99_9999.jpg
[2011.03.24 19:20:47 | 000,014,688 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_82900_09090_76_6570.jpg
[2011.03.24 15:59:46 | 000,056,273 | -H-- | C] () -- C:\Users\Vaio\Desktop\catherine-zeta-jones-20060306-113776.jpg
[2011.03.24 15:53:20 | 000,024,889 | -H-- | C] () -- C:\Users\Vaio\Desktop\58592_catfight_angelina_megan.jpg
[2011.03.24 00:39:29 | 000,154,124 | -H-- | C] () -- C:\Users\Vaio\Desktop\4cb412f46e719.jpg
[2011.03.23 19:31:44 | 000,082,217 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_5887.JPG
[2011.03.22 22:06:21 | 000,072,330 | -H-- | C] () -- C:\Users\Vaio\Desktop\kingsize7.jpg
[2011.03.22 21:45:38 | 000,072,960 | -H-- | C] () -- C:\Users\Vaio\Desktop\149275_100928016647498_100001908993654_4881_8113473_n.jpg
[2011.03.21 20:58:49 | 000,085,252 | -H-- | C] () -- C:\Users\Vaio\Desktop\197460_203555469672615_100000544905088_676048_6808101_n.jpg
[2011.03.20 03:12:48 | 000,029,477 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_79821_09090_52_6435.jpg
[2011.03.20 03:10:12 | 000,018,218 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_78440_34015_71_6255.jpg
[2011.03.20 03:08:55 | 000,026,059 | -H-- | C] () -- C:\Users\Vaio\Desktop\DXLA01_79828_09090_72_6410.jpg
[2011.03.19 01:56:52 | 000,031,090 | -H-- | C] () -- C:\Users\Vaio\Desktop\106441_FP_AlyssaMilano_1.jpg
[2011.03.15 22:23:17 | 000,000,916 | -H-- | C] () -- C:\Users\Public\Documents\sprüche.rtf
[2011.03.15 17:50:34 | 000,146,721 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.03.15 17:50:34 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2011.03.15 17:11:40 | 000,005,463 | -H-- | C] () -- C:\Users\Vaio\Desktop\dfdfdf.rtf
[2011.03.14 16:01:33 | 000,000,230 | -H-- | C] () -- C:\Users\Public\Documents\frauena..rtf
[2011.03.12 03:30:11 | 000,003,584 | -H-- | C] () -- C:\Users\Vaio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.07 00:24:53 | 000,001,155 | -H-- | C] () -- C:\Users\Vaio\Desktop\InternetCalls.lnk
[2011.03.05 22:51:21 | 000,685,145 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0117.JPG
[2011.03.05 22:51:14 | 000,654,371 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0085.JPG
[2011.03.05 22:50:59 | 000,740,763 | -H-- | C] () -- C:\Users\Vaio\Desktop\IMG_0055.JPG
[2011.03.05 21:55:30 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.05 21:53:19 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.03.05 21:52:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.01.14 21:38:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.08 07:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.01.29 23:21:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.01.29 21:36:40 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.01.29 21:36:40 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.01.29 21:36:40 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.01.29 21:36:40 | 000,050,036 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.01.29 21:36:39 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.01.29 21:36:34 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.01.29 21:36:34 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2010.01.04 13:38:40 | 000,002,119 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
< End of report >
--- --- ---



LOG 2:OTL Logfile:
Code:
OTL Extras logfile created on: 25.03.2011 16:55:01 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Vaio\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,16 Gb Total Space | 405,84 Gb Free Space | 89,17% Space Free | Partition Type: NTFS
 
Computer Name: VAIO-VAIO | User Name: Vaio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
"{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
"{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
"{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
"{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
"{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Freemake Video Downloader_is1" = Freemake Video Downloader Version 2.0.2
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InternetCalls_is1" = InternetCalls
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = VAIO Marketing Tools
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSC" = McAfee Internet Security
"Picasa 3" = Picasa 3
"splashtop" = VAIO Quick Web Access
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Veetle TV" = Veetle TV 0.9.18
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.03.2011 12:31:18 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3027
 
Error - 21.03.2011 12:31:18 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3027
 
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 483479
 
Error - 21.03.2011 12:39:19 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 483479
 
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1030
 
Error - 21.03.2011 12:55:08 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1030
 
Error - 21.03.2011 12:55:09 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21.03.2011 12:55:09 | Computer Name = Vaio-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2044
 
[ System Events ]
Error - 12.03.2011 20:57:06 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet:
  %%1115
 
Error - 13.03.2011 03:09:52 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 13.03.2011 12:05:45 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 14.03.2011 08:23:57 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 14.03.2011 08:26:31 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 15.03.2011 07:55:32 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 16.03.2011 14:52:02 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 17.03.2011 14:12:16 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 18.03.2011 09:01:06 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 19.03.2011 09:00:27 | Computer Name = Vaio-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
 
< End of report >
--- --- ---

Wie sehen jetzt die weiteren schritte aus?

Tausend dank schon im vorraus :)

Hallo leute ich will jetzt nicht frech klingen und behaupten ,dass man mir helfen MUSS,aber ich wär euch sehr dankbar ,wenn das Jemand machen würde ...hab auch andere themen gefunden sind die so ähnlich sind wie mein Problem ,aber man darf die ja nicht nachmachen weil die ja auf diese gewißen probleme von den Personen zugeschnitten sind .Ich brauch einfach HILFE .

cosinus 26.03.2011 20:54
Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.

rivaldo22 27.03.2011 01:46
Nein leider nicht .Habe erst Malwarebytes installiert nachdem ich den Trojaner bekommen habe .

cosinus 27.03.2011 19:51
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
[2011.03.25 01:06:18 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:16 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | C] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.25 01:06:18 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~41803528r
[2011.03.25 01:06:18 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~41803528
[2011.03.25 01:05:36 | 000,000,631 | -H-- | M] () -- C:\Users\Vaio\Desktop\Windows Recovery.lnk
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:25 | 000,546,304 | -H-- | M] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
[2011.03.05 21:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.03.25 01:05:26 | 000,000,000 | -H-D | C] -- C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.25 00:32:26 | 000,546,304 | -H-- | C] (FPAV) -- C:\ProgramData\sCRrtWXnjAgI.exe
[2011.03.25 00:32:23 | 000,546,304 | -H-- | C] (FPAV) -- C:\Users\Vaio\Desktop\null0.017095613465911375.exe
O4 - HKCU..\Run: [sCRrtWXnjAgI] C:\ProgramData\sCRrtWXnjAgI.exe (FPAV)
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

rivaldo22 27.03.2011 22:12
Hallo Arne
Als ich grade den Schritt den den du mir beschrieben hast durchführen wollte habe ich bei Antivir gesehen ,dass das Trojanische Pferd TR./Kazy .16727.1 in der Quarantäne hat .Das war gestern noch nicht da.Desweitern ist mit aufgefallen das die Fehlermeldungen stark abgenommen haben.

Soll ich jetzt deinen Schritt trotzdem durchführen?

lg

cosinus 28.03.2011 08:50
Ja bitte den Fix ausführen.

rivaldo22 28.03.2011 16:20
So hab den fix durchgeführt .Hier der Log :


*All processes killed
========== OTL ==========
C:\ProgramData\~41803528r moved successfully.
C:\ProgramData\~41803528 moved successfully.
C:\Users\Vaio\Desktop\Windows Recovery.lnk moved successfully.
File C:\ProgramData\~41803528r not found.
File C:\ProgramData\~41803528 not found.
File C:\Users\Vaio\Desktop\Windows Recovery.lnk not found.
File C:\ProgramData\sCRrtWXnjAgI.exe not found.
File C:\Users\Vaio\Desktop\null0.017095613465911375.exe not found.
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\x64 folder moved successfully.
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64 folder moved successfully.
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} folder moved successfully.
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery folder moved successfully.
File C:\ProgramData\sCRrtWXnjAgI.exe not found.
File C:\Users\Vaio\Desktop\null0.017095613465911375.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sCRrtWXnjAgI not found.
File C:\ProgramData\sCRrtWXnjAgI.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
*
[EMPTYTEMP]
*
User: All Users
*
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
*
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
*
User: Public
*
User: Vaio
->Temp folder emptied: 896358554 bytes
->Temporary Internet Files folder emptied: 104665922 bytes
->Java cache emptied: 635446 bytes
->FireFox cache emptied: 58924749 bytes
->Flash cache emptied: 74633 bytes
*
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15026349 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85501 bytes
RecycleBin emptied: 372332951 bytes
*
Total Files Cleaned = 1.381,00 mb
*
*
OTL by OldTimer - Version 3.2.22.3 log created on 03272011_231846

Files\Folders moved on Reboot...
C:\Users\Vaio\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus 28.03.2011 19:14
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

rivaldo22 29.03.2011 15:20
Hallo Arne ,
Habe dem Combofix durchgeführt hier der text davon.
Combofix Logfile:
Code:
ComboFix 11-03-28.05 - Vaio 29.03.2011  14:45:22.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.3950.2693 [GMT 2:00]
ausgeführt von:: c:\users\Vaio\Desktop\cofi.exe..exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vaio\AppData\Roaming\Local
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\7.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\8.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\housewivesS07E04de.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\intro.Love.And.Other.Drugs.englisch.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\intro_love.and.other.drugs.ts.md.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e02.avi(2).ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e02.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e03.avi(2).ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\sof_desperate.housewives.s07e03.avi.ddr
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\housewivesS07E04de.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\intro.Love.And.Other.Drugs.englisch.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\intro_love.and.other.drugs.ts.md.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e01.avi(2).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e01.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi(2).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi(3).ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e02.avi.ddp
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e03(2).avi
c:\users\Vaio\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sof_desperate.housewives.s07e03.avi
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-28 bis 2011-03-29  ))))))))))))))))))))))))))))))
.
.
2011-03-29 12:30 . 2011-03-29 12:30        --------        d-----w-        c:\program files\CCleaner
2011-03-27 21:18 . 2011-03-27 21:18        --------        d-----w-        C:\_OTL
2011-03-27 21:17 . 2011-03-23 08:11        8424784        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D6E821F-DE3D-4877-BD72-AED5EE489320}\mpengine.dll
2011-03-27 21:17 . 2011-02-02 16:11        270720        ------w-        c:\windows\system32\MpSigStub.exe
2011-03-25 14:56 . 2011-03-25 14:56        --------        d-----w-        c:\users\Vaio\AppData\Roaming\Malwarebytes
2011-03-25 14:56 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-25 14:56 . 2011-03-25 14:56        --------        d-----w-        c:\programdata\Malwarebytes
2011-03-25 14:56 . 2010-12-20 17:08        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-03-25 14:56 . 2011-03-25 14:56        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-15 20:49 . 2011-03-15 20:49        --------        d-----w-        c:\program files (x86)\Veetle
2011-03-15 16:54 . 2009-04-16 13:08        248320        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\hpfpp70v.dll
2011-03-15 16:52 . 2011-03-15 16:52        --------        d-----w-        c:\program files (x86)\Common Files\HP
2011-03-15 16:52 . 2011-03-15 16:52        --------        d-----w-        c:\program files (x86)\Common Files\Hewlett-Packard
2011-03-15 16:52 . 2009-04-16 13:08        136704        ----a-w-        c:\windows\system32\hpf3l70v.dll
2011-03-15 16:51 . 2011-03-15 16:52        --------        d-----w-        c:\program files (x86)\HP
2011-03-15 16:50 . 2011-03-15 16:50        --------        d--h--w-        c:\programdata\HP
2011-03-15 16:50 . 2009-04-16 11:53        642360        ----a-w-        c:\windows\system32\hpzids40.dll
2011-03-15 16:50 . 2009-02-11 11:03        880640        ----a-w-        c:\windows\system32\hposwia_d02c.dll
2011-03-15 16:50 . 2009-02-11 11:03        748544        ----a-w-        c:\windows\system32\hpost_d02c.dll
2011-03-15 16:50 . 2009-02-11 11:03        515072        ----a-w-        c:\windows\system32\hposc_d02a.dll
2011-03-15 16:50 . 2008-10-29 00:27        551424        ----a-w-        c:\windows\system32\hppldcoi.dll
2011-03-09 13:05 . 2010-12-23 06:07        961024        ----a-w-        c:\windows\system32\CPFilters.dll
2011-03-09 13:05 . 2010-12-23 06:07        723968        ----a-w-        c:\windows\system32\EncDec.dll
2011-03-09 13:05 . 2010-12-23 05:28        642048        ----a-w-        c:\windows\SysWow64\CPFilters.dll
2011-03-09 13:05 . 2010-12-23 05:28        534528        ----a-w-        c:\windows\SysWow64\EncDec.dll
2011-03-09 13:05 . 2010-12-23 06:07        1118720        ----a-w-        c:\windows\system32\sbe.dll
2011-03-09 13:05 . 2010-12-23 06:02        259072        ----a-w-        c:\windows\system32\mpg2splt.ax
2011-03-09 13:05 . 2010-12-23 05:28        850432        ----a-w-        c:\windows\SysWow64\sbe.dll
2011-03-09 13:05 . 2010-12-23 05:24        199680        ----a-w-        c:\windows\SysWow64\mpg2splt.ax
2011-03-09 13:05 . 2010-12-18 06:12        3138048        ----a-w-        c:\windows\system32\mstscax.dll
2011-03-09 13:05 . 2010-12-18 05:30        2690560        ----a-w-        c:\windows\SysWow64\mstscax.dll
2011-03-09 13:05 . 2010-12-18 06:08        1097216        ----a-w-        c:\windows\system32\mstsc.exe
2011-03-09 13:05 . 2010-12-18 05:26        1034240        ----a-w-        c:\windows\SysWow64\mstsc.exe
2011-03-06 23:24 . 2011-03-06 23:36        --------        d--h--w-        c:\users\Vaio\AppData\Roaming\InternetCalls
2011-03-06 23:24 . 2011-03-06 23:24        --------        d-----w-        c:\program files (x86)\InternetCalls.com
2011-03-05 20:55 . 2011-03-05 21:49        --------        d--h--w-        c:\users\Vaio\AppData\Roaming\Apple Computer
2011-03-05 20:55 . 2011-03-05 20:55        --------        d--h--w-        c:\users\Vaio\AppData\Local\Apple Computer
2011-03-05 20:55 . 2009-05-18 12:17        34152        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-05 20:55 . 2008-04-17 11:12        126312        ----a-w-        c:\windows\system32\GEARAspi64.dll
2011-03-05 20:55 . 2008-04-17 11:12        107368        ----a-w-        c:\windows\SysWow64\GEARAspi.dll
2011-03-05 20:54 . 2011-03-05 20:55        --------        d-----w-        c:\program files\iTunes
2011-03-05 20:54 . 2011-03-05 20:55        --------        d-----w-        c:\program files (x86)\iTunes
2011-03-05 20:54 . 2011-03-05 20:54        --------        d-----w-        c:\program files\iPod
2011-03-05 20:52 . 2011-03-05 20:52        --------        d--h--w-        c:\users\Vaio\AppData\Local\Apple
2011-03-05 20:52 . 2011-03-05 20:52        --------        d-----w-        c:\program files (x86)\Apple Software Update
2011-03-05 20:52 . 2011-03-05 20:52        --------        d-----w-        c:\program files\Common Files\Apple
2011-03-05 20:52 . 2011-03-05 20:52        --------        d-----w-        c:\program files\Bonjour
2011-03-05 20:52 . 2011-03-05 20:52        --------        d-----w-        c:\program files (x86)\Bonjour
2011-03-05 20:52 . 2011-03-05 20:55        --------        d--h--w-        c:\programdata\Apple
2011-03-05 20:52 . 2011-03-05 20:54        --------        d-----w-        c:\program files (x86)\Common Files\Apple
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 15:36 . 2011-02-18 15:36        51712        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36        4184352        ----a-w-        c:\windows\system32\usbaaplrc.dll
2011-01-07 08:06 . 2011-02-10 00:20        46080        ----a-w-        c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-10 00:20        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-10 00:20        366080        ----a-w-        c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-10 00:20        294400        ----a-w-        c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-10 00:21        612352        ----a-w-        c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-10 00:21        428032        ----a-w-        c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-10 00:21        3127808        ----a-w-        c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"InternetCalls"="c:\program files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" [2010-12-20 12947768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-04 26624]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-01-04 149280]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03        98304        ----a-w-        c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 101048]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 12:38]
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-04 12:38]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-04 171520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Vaio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\um5t1ii3.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - %ProgramFiles%\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1566025896-931508188-2837753467-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1566025896-931508188-2837753467-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-29  14:54:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-03-29 12:54
.
Vor Suchlauf: 7 Verzeichnis(se), 438.133.587.968 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 437.620.056.064 Bytes frei
.
- - End Of File - - 3A49AB9529E60ACDAED639B7C155CF1A
--- --- ---

cosinus 29.03.2011 17:00
Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

rivaldo22 29.03.2011 22:05
So hier der log

2011/03/29 22:59:46.0973 2072 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/29 22:59:47.0272 2072 ================================================================================
2011/03/29 22:59:47.0272 2072 SystemInfo:
2011/03/29 22:59:47.0272 2072
2011/03/29 22:59:47.0273 2072 OS Version: 6.1.7600 ServicePack: 0.0
2011/03/29 22:59:47.0273 2072 Product type: Workstation
2011/03/29 22:59:47.0273 2072 ComputerName: VAIO-VAIO
2011/03/29 22:59:47.0273 2072 UserName: Vaio
2011/03/29 22:59:47.0273 2072 Windows directory: C:\Windows
2011/03/29 22:59:47.0273 2072 System windows directory: C:\Windows
2011/03/29 22:59:47.0273 2072 Running under WOW64
2011/03/29 22:59:47.0273 2072 Processor architecture: Intel x64
2011/03/29 22:59:47.0273 2072 Number of processors: 4
2011/03/29 22:59:47.0273 2072 Page size: 0x1000
2011/03/29 22:59:47.0273 2072 Boot type: Normal boot
2011/03/29 22:59:47.0273 2072 ================================================================================
2011/03/29 22:59:47.0515 2072 Initialize success
2011/03/29 22:59:52.0196 4204 ================================================================================
2011/03/29 22:59:52.0196 4204 Scan started
2011/03/29 22:59:52.0196 4204 Mode: Manual;
2011/03/29 22:59:52.0196 4204 ================================================================================
2011/03/29 22:59:52.0648 4204 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
2011/03/29 22:59:52.0772 4204 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
2011/03/29 22:59:52.0887 4204 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
2011/03/29 22:59:53.0036 4204 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
2011/03/29 22:59:53.0155 4204 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
2011/03/29 22:59:53.0259 4204 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
2011/03/29 22:59:53.0414 4204 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/03/29 22:59:53.0539 4204 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/03/29 22:59:53.0683 4204 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/03/29 22:59:53.0828 4204 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/03/29 22:59:53.0941 4204 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
2011/03/29 22:59:54.0251 4204 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/29 22:59:54.0391 4204 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/03/29 22:59:54.0498 4204 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
2011/03/29 22:59:54.0601 4204 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys
2011/03/29 22:59:54.0718 4204 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
2011/03/29 22:59:54.0826 4204 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys
2011/03/29 22:59:54.0971 4204 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/03/29 22:59:55.0086 4204 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/03/29 22:59:55.0255 4204 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
2011/03/29 22:59:55.0357 4204 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
2011/03/29 22:59:55.0463 4204 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/03/29 22:59:55.0568 4204 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/29 22:59:55.0682 4204 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/03/29 22:59:55.0898 4204 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2011/03/29 22:59:56.0188 4204 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/29 22:59:56.0326 4204 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/29 22:59:56.0437 4204 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/29 22:59:56.0565 4204 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
2011/03/29 22:59:56.0680 4204 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/03/29 22:59:56.0806 4204 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/03/29 22:59:56.0934 4204 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
2011/03/29 22:59:57.0068 4204 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/29 22:59:57.0181 4204 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
2011/03/29 22:59:57.0281 4204 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
2011/03/29 22:59:57.0394 4204 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/03/29 22:59:57.0504 4204 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/29 22:59:57.0615 4204 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/29 22:59:57.0727 4204 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/29 22:59:57.0839 4204 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/03/29 22:59:57.0941 4204 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
2011/03/29 22:59:58.0055 4204 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/03/29 22:59:58.0175 4204 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys
2011/03/29 22:59:58.0316 4204 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys
2011/03/29 22:59:58.0442 4204 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
2011/03/29 22:59:58.0554 4204 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
2011/03/29 22:59:58.0680 4204 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
2011/03/29 22:59:58.0799 4204 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/03/29 22:59:58.0913 4204 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
2011/03/29 22:59:59.0057 4204 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/29 22:59:59.0171 4204 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/29 22:59:59.0290 4204 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
2011/03/29 22:59:59.0393 4204 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/03/29 22:59:59.0546 4204 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
2011/03/29 22:59:59.0648 4204 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/03/29 22:59:59.0763 4204 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/03/29 22:59:59.0902 4204 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
2011/03/29 23:00:00.0014 4204 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
2011/03/29 23:00:00.0120 4204 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
2011/03/29 23:00:00.0257 4204 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/03/29 23:00:00.0370 4204 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/03/29 23:00:00.0486 4204 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
2011/03/29 23:00:00.0618 4204 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/03/29 23:00:00.0737 4204 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/03/29 23:00:00.0855 4204 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/03/29 23:00:00.0983 4204 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/03/29 23:00:01.0116 4204 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/29 23:00:01.0313 4204 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
2011/03/29 23:00:01.0484 4204 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
2011/03/29 23:00:01.0590 4204 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/03/29 23:00:01.0731 4204 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/03/29 23:00:01.0835 4204 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/03/29 23:00:01.0959 4204 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
2011/03/29 23:00:02.0095 4204 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/03/29 23:00:02.0188 4204 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/03/29 23:00:02.0306 4204 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
2011/03/29 23:00:02.0420 4204 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/03/29 23:00:02.0529 4204 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/03/29 23:00:02.0625 4204 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/29 23:00:02.0736 4204 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/29 23:00:02.0839 4204 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/29 23:00:02.0969 4204 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/29 23:00:03.0103 4204 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/29 23:00:03.0218 4204 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/03/29 23:00:03.0327 4204 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
2011/03/29 23:00:03.0451 4204 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/03/29 23:00:03.0549 4204 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
2011/03/29 23:00:03.0654 4204 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
2011/03/29 23:00:03.0767 4204 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
2011/03/29 23:00:03.0902 4204 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\drivers\hidusb.sys
2011/03/29 23:00:04.0026 4204 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
2011/03/29 23:00:04.0147 4204 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/03/29 23:00:04.0247 4204 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/29 23:00:04.0374 4204 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/29 23:00:04.0496 4204 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
2011/03/29 23:00:04.0622 4204 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys
2011/03/29 23:00:04.0907 4204 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/03/29 23:00:05.0043 4204 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
2011/03/29 23:00:05.0181 4204 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
2011/03/29 23:00:05.0360 4204 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
2011/03/29 23:00:05.0507 4204 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/03/29 23:00:05.0621 4204 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/03/29 23:00:05.0738 4204 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/29 23:00:05.0858 4204 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/29 23:00:05.0970 4204 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
2011/03/29 23:00:06.0073 4204 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/03/29 23:00:06.0189 4204 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/03/29 23:00:06.0297 4204 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/03/29 23:00:06.0393 4204 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
2011/03/29 23:00:06.0509 4204 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/03/29 23:00:06.0621 4204 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
2011/03/29 23:00:06.0735 4204 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/29 23:00:06.0857 4204 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/29 23:00:06.0981 4204 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/03/29 23:00:07.0126 4204 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/29 23:00:07.0282 4204 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/29 23:00:07.0396 4204 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/29 23:00:07.0510 4204 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
2011/03/29 23:00:07.0613 4204 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/29 23:00:07.0728 4204 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/03/29 23:00:07.0849 4204 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
2011/03/29 23:00:07.0961 4204 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
2011/03/29 23:00:08.0081 4204 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/03/29 23:00:08.0182 4204 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/29 23:00:08.0278 4204 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/29 23:00:08.0383 4204 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
2011/03/29 23:00:08.0499 4204 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/03/29 23:00:08.0590 4204 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
2011/03/29 23:00:08.0692 4204 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/29 23:00:08.0806 4204 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/29 23:00:08.0915 4204 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/29 23:00:09.0032 4204 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/29 23:00:09.0148 4204 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/29 23:00:09.0247 4204 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
2011/03/29 23:00:09.0341 4204 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
2011/03/29 23:00:09.0450 4204 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/03/29 23:00:09.0563 4204 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/29 23:00:09.0655 4204 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/03/29 23:00:09.0780 4204 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/29 23:00:09.0890 4204 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/29 23:00:10.0000 4204 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/03/29 23:00:10.0112 4204 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/03/29 23:00:10.0230 4204 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/03/29 23:00:10.0337 4204 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/03/29 23:00:10.0437 4204 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
2011/03/29 23:00:10.0540 4204 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/03/29 23:00:10.0662 4204 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/29 23:00:10.0793 4204 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/03/29 23:00:10.0919 4204 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/29 23:00:11.0025 4204 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/29 23:00:11.0139 4204 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/29 23:00:11.0241 4204 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/29 23:00:11.0346 4204 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/03/29 23:00:11.0481 4204 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/29 23:00:11.0591 4204 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/29 23:00:11.0723 4204 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
2011/03/29 23:00:11.0833 4204 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/03/29 23:00:11.0942 4204 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/29 23:00:12.0100 4204 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/03/29 23:00:12.0218 4204 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/03/29 23:00:12.0339 4204 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
2011/03/29 23:00:12.0453 4204 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
2011/03/29 23:00:12.0578 4204 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/03/29 23:00:12.0684 4204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/03/29 23:00:12.0812 4204 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
2011/03/29 23:00:12.0913 4204 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/03/29 23:00:13.0026 4204 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
2011/03/29 23:00:13.0141 4204 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/03/29 23:00:13.0238 4204 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
2011/03/29 23:00:13.0334 4204 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/03/29 23:00:13.0453 4204 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/03/29 23:00:13.0688 4204 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/29 23:00:13.0799 4204 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
2011/03/29 23:00:13.0945 4204 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/29 23:00:14.0050 4204 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/03/29 23:00:14.0194 4204 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
2011/03/29 23:00:14.0319 4204 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
2011/03/29 23:00:14.0426 4204 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/29 23:00:14.0530 4204 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/29 23:00:14.0640 4204 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/29 23:00:14.0749 4204 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/29 23:00:14.0870 4204 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/29 23:00:14.0971 4204 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/29 23:00:15.0077 4204 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/29 23:00:15.0181 4204 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
2011/03/29 23:00:15.0290 4204 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/29 23:00:15.0401 4204 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/29 23:00:15.0513 4204 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/29 23:00:15.0621 4204 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/03/29 23:00:15.0733 4204 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/03/29 23:00:15.0848 4204 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/03/29 23:00:15.0964 4204 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
2011/03/29 23:00:16.0072 4204 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
2011/03/29 23:00:16.0214 4204 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/29 23:00:16.0334 4204 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
2011/03/29 23:00:16.0467 4204 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
2011/03/29 23:00:16.0577 4204 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/29 23:00:16.0693 4204 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/03/29 23:00:16.0827 4204 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/03/29 23:00:16.0963 4204 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
2011/03/29 23:00:17.0068 4204 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
2011/03/29 23:00:17.0168 4204 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
2011/03/29 23:00:17.0310 4204 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
2011/03/29 23:00:17.0413 4204 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/03/29 23:00:17.0513 4204 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/29 23:00:17.0614 4204 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/29 23:00:17.0725 4204 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
2011/03/29 23:00:17.0837 4204 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
2011/03/29 23:00:17.0950 4204 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
2011/03/29 23:00:18.0064 4204 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/03/29 23:00:18.0218 4204 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/03/29 23:00:18.0363 4204 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2011/03/29 23:00:18.0497 4204 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/29 23:00:18.0615 4204 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/29 23:00:18.0744 4204 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
2011/03/29 23:00:18.0860 4204 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/03/29 23:00:19.0043 4204 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/03/29 23:00:19.0206 4204 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/29 23:00:19.0330 4204 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/29 23:00:19.0442 4204 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/03/29 23:00:19.0543 4204 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/03/29 23:00:19.0665 4204 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/29 23:00:19.0784 4204 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
2011/03/29 23:00:19.0943 4204 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/29 23:00:20.0051 4204 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/29 23:00:20.0153 4204 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
2011/03/29 23:00:20.0265 4204 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/29 23:00:20.0408 4204 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/29 23:00:20.0503 4204 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/29 23:00:20.0609 4204 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
2011/03/29 23:00:20.0749 4204 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
2011/03/29 23:00:20.0867 4204 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/29 23:00:20.0970 4204 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/03/29 23:00:21.0091 4204 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
2011/03/29 23:00:21.0212 4204 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys
2011/03/29 23:00:21.0314 4204 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
2011/03/29 23:00:21.0422 4204 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/29 23:00:21.0533 4204 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/29 23:00:21.0638 4204 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/29 23:00:21.0749 4204 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
2011/03/29 23:00:21.0870 4204 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/29 23:00:22.0052 4204 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/03/29 23:00:22.0170 4204 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/29 23:00:22.0276 4204 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/03/29 23:00:22.0387 4204 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
2011/03/29 23:00:22.0508 4204 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/03/29 23:00:22.0611 4204 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
2011/03/29 23:00:22.0727 4204 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/03/29 23:00:22.0836 4204 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
2011/03/29 23:00:22.0946 4204 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
2011/03/29 23:00:23.0091 4204 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/03/29 23:00:23.0195 4204 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/03/29 23:00:23.0325 4204 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
2011/03/29 23:00:23.0431 4204 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/29 23:00:23.0451 4204 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/29 23:00:23.0574 4204 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
2011/03/29 23:00:23.0689 4204 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/29 23:00:23.0837 4204 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/29 23:00:23.0938 4204 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/03/29 23:00:24.0122 4204 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/03/29 23:00:24.0229 4204 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/03/29 23:00:24.0375 4204 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/29 23:00:24.0513 4204 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/03/29 23:00:24.0622 4204 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/29 23:00:24.0772 4204 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/03/29 23:00:24.0840 4204 ================================================================================
2011/03/29 23:00:24.0840 4204 Scan finished
2011/03/29 23:00:24.0840 4204 ================================================================================


gruß

cosinus 30.03.2011 11:40
Bitte nun Logs mit GMER und mbrcheck erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg

Anleitung zu mbrcheck:
Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

rivaldo22 30.03.2011 14:40
So hab die Schritte durchgeführt :

Log vom MBR:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCEB1M1E
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 187):
0x03419000 \SystemRoot\system32\ntoskrnl.exe
0x039F6000 \SystemRoot\system32\hal.dll
0x00BB5000 \SystemRoot\system32\kdcom.dll
0x00C77000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CBB000 \SystemRoot\system32\PSHED.dll
0x00CCF000 \SystemRoot\system32\CLFS.SYS
0x00D2D000 \SystemRoot\system32\CI.dll
0x00E7B000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F1F000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F2E000 \SystemRoot\system32\drivers\ACPI.sys
0x00F85000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F8E000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F98000 \SystemRoot\system32\drivers\pci.sys
0x00FCB000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FD8000 \SystemRoot\System32\drivers\partmgr.sys
0x00FED000 \SystemRoot\system32\drivers\compbatt.sys
0x00E00000 \SystemRoot\system32\drivers\BATTC.SYS
0x00E0C000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E21000 \SystemRoot\System32\drivers\mountmgr.sys
0x010F8000 \SystemRoot\system32\drivers\iaStor.sys
0x01300000 \SystemRoot\system32\drivers\atapi.sys
0x01309000 \SystemRoot\system32\drivers\ataport.SYS
0x01333000 \SystemRoot\system32\drivers\amdxata.sys
0x0133E000 \SystemRoot\system32\drivers\fltmgr.sys
0x0138A000 \SystemRoot\system32\drivers\fileinfo.sys
0x0139E000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x0141F000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01000000 \SystemRoot\System32\Drivers\msrpc.sys
0x015C2000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0105E000 \SystemRoot\System32\Drivers\cng.sys
0x015DC000 \SystemRoot\System32\drivers\pcw.sys
0x015ED000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01604000 \SystemRoot\system32\drivers\ndis.sys
0x016F6000 \SystemRoot\system32\drivers\NETIO.SYS
0x01756000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01781000 \SystemRoot\system32\drivers\volsnap.sys
0x017CD000 \SystemRoot\System32\Drivers\spldr.sys
0x013AB000 \SystemRoot\System32\drivers\rdyboost.sys
0x017D5000 \SystemRoot\System32\Drivers\mup.sys
0x017E7000 \SystemRoot\System32\drivers\hwpolicy.sys
0x00E3B000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01400000 \SystemRoot\system32\drivers\disk.sys
0x018F3000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x04031000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0405B000 \SystemRoot\System32\Drivers\Null.SYS
0x04064000 \SystemRoot\System32\Drivers\Beep.SYS
0x0406B000 \SystemRoot\System32\drivers\vga.sys
0x04079000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x0409E000 \SystemRoot\System32\drivers\watchdog.sys
0x040AE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x040B7000 \SystemRoot\system32\drivers\rdpencdd.sys
0x040C0000 \SystemRoot\system32\drivers\rdprefmp.sys
0x040C9000 \SystemRoot\System32\Drivers\Msfs.SYS
0x040D4000 \SystemRoot\System32\Drivers\Npfs.SYS
0x02C01000 \SystemRoot\System32\drivers\tcpip.sys
0x040E5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0412F000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0414D000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0415A000 \SystemRoot\System32\DRIVERS\netbt.sys
0x01931000 \SystemRoot\system32\drivers\afd.sys
0x0419F000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x041A8000 \SystemRoot\system32\DRIVERS\pacer.sys
0x041CE000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x041E4000 \SystemRoot\system32\DRIVERS\netbios.sys
0x019BB000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03E00000 \SystemRoot\system32\drivers\termdd.sys
0x01800000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x041F3000 \SystemRoot\system32\drivers\nsiproxy.sys
0x01851000 \SystemRoot\system32\drivers\mssmbios.sys
0x0185C000 \SystemRoot\System32\drivers\discache.sys
0x0186B000 \SystemRoot\System32\Drivers\dfsc.sys
0x01889000 \SystemRoot\system32\drivers\blbdrive.sys
0x0189A000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x018BC000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0428C000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x080F2000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x042C2000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0879E000 \SystemRoot\System32\drivers\dxgmms1.sys
0x08000000 \SystemRoot\system32\drivers\HDAudBus.sys
0x08024000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x08035000 \SystemRoot\system32\drivers\usbehci.sys
0x08046000 \SystemRoot\system32\drivers\USBPORT.SYS
0x0446E000 \SystemRoot\system32\DRIVERS\athrx.sys
0x045EB000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04400000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x04420000 \SystemRoot\system32\drivers\rimssne64.sys
0x04440000 \SystemRoot\system32\drivers\risdsne64.sys
0x04200000 \SystemRoot\system32\DRIVERS\yk62x64.sys
0x0809C000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04458000 \SystemRoot\system32\drivers\kbdclass.sys
0x043B6000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x080BA000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04467000 \SystemRoot\system32\drivers\SFEP.sys
0x080C9000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x080D6000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x045F8000 \SystemRoot\system32\drivers\CmBatt.sys
0x087E4000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04265000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x019D6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x087F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04A9F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04ACE000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04AE9000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04B0A000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04B24000 \SystemRoot\system32\drivers\swenum.sys
0x04B26000 \SystemRoot\system32\drivers\ks.sys
0x04B69000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04B7B000 \SystemRoot\system32\drivers\usbhub.sys
0x04BD5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x04A00000 \SystemRoot\system32\drivers\RtHDMIVX.sys
0x04A33000 \SystemRoot\system32\drivers\portcls.sys
0x04A70000 \SystemRoot\system32\drivers\drmk.sys
0x04A92000 \SystemRoot\system32\drivers\ksthunk.sys
0x056DA000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x00020000 \SystemRoot\System32\win32k.sys
0x058F5000 \SystemRoot\System32\drivers\Dxapi.sys
0x05901000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03E14000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x0590F000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x05922000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0593F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05941000 \SystemRoot\System32\Drivers\usbvideo.sys
0x0596F000 \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
0x05979000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004E0000 \SystemRoot\System32\TSDDD.dll
0x00740000 \SystemRoot\System32\cdd.dll
0x05987000 \SystemRoot\system32\drivers\luafv.sys
0x059AA000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x059C7000 \SystemRoot\system32\drivers\WudfPf.sys
0x059E8000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x05600000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05653000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x05666000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x064C1000 \SystemRoot\system32\drivers\HTTP.sys
0x06589000 \SystemRoot\system32\DRIVERS\bowser.sys
0x065A7000 \SystemRoot\System32\drivers\mpsdrv.sys
0x065BF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x06400000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0644E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x07AEC000 \SystemRoot\system32\drivers\peauth.sys
0x07B92000 \SystemRoot\System32\Drivers\secdrv.SYS
0x07B9D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x07BCA000 \SystemRoot\System32\drivers\tcpipreg.sys
0x07A00000 \SystemRoot\System32\DRIVERS\srv2.sys
0x08AE7000 \SystemRoot\System32\DRIVERS\srv.sys
0x08B7D000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x76D00000 \Windows\System32\ntdll.dll
0x479E0000 \Windows\System32\smss.exe
0xFF020000 \Windows\System32\apisetschema.dll
0xFFA60000 \Windows\System32\autochk.exe
0x76BE0000 \Windows\System32\kernel32.dll
0xFEE30000 \Windows\System32\setupapi.dll
0x76AE0000 \Windows\System32\user32.dll
0x76ED0000 \Windows\System32\normaliz.dll
0xFEDE0000 \Windows\System32\Wldap32.dll
0x76EC0000 \Windows\System32\psapi.dll
0xFECB0000 \Windows\System32\wininet.dll
0xFEBD0000 \Windows\System32\oleaut32.dll
0xFEAF0000 \Windows\System32\advapi32.dll
0xFDD60000 \Windows\System32\shell32.dll
0xFDCC0000 \Windows\System32\msvcrt.dll
0xFDBB0000 \Windows\System32\msctf.dll
0xFDBA0000 \Windows\System32\nsi.dll
0xFDAD0000 \Windows\System32\usp10.dll
0xFD8C0000 \Windows\System32\ole32.dll
0xFD660000 \Windows\System32\iertutil.dll
0xFD640000 \Windows\System32\imagehlp.dll
0xFD610000 \Windows\System32\imm32.dll
0xFD590000 \Windows\System32\shlwapi.dll
0xFD4F0000 \Windows\System32\clbcatq.dll
0xFD4D0000 \Windows\System32\sechost.dll
0xFD3A0000 \Windows\System32\rpcrt4.dll
0xFD390000 \Windows\System32\lpk.dll
0xFD340000 \Windows\System32\ws2_32.dll
0xFD2A0000 \Windows\System32\comdlg32.dll
0xFD120000 \Windows\System32\urlmon.dll
0xFD0A0000 \Windows\System32\difxapi.dll
0xFD030000 \Windows\System32\gdi32.dll
0xFCEC0000 \Windows\System32\crypt32.dll
0xFCE80000 \Windows\System32\cfgmgr32.dll
0xFCDE0000 \Windows\System32\comctl32.dll
0xFCDC0000 \Windows\System32\devobj.dll
0xFCD50000 \Windows\System32\KernelBase.dll
0xFCD10000 \Windows\System32\wintrust.dll
0xFCD00000 \Windows\System32\msasn1.dll
0x76EB0000 \Windows\SysWOW64\normaliz.dll

Processes (total 96):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
484 csrss.exe
552 C:\Windows\System32\wininit.exe
572 csrss.exe
608 C:\Windows\System32\services.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
732 C:\Windows\System32\svchost.exe
848 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\atiesrxx.exe
956 C:\Windows\System32\winlogon.exe
1012 C:\Windows\System32\svchost.exe
336 C:\Windows\System32\svchost.exe
496 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\svchost.exe
1236 C:\Windows\System32\atieclxx.exe
1404 C:\Windows\System32\spoolsv.exe
1432 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1496 C:\Windows\System32\svchost.exe
1656 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1708 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1720 C:\Windows\System32\conhost.exe
1848 C:\Windows\System32\taskhost.exe
1924 C:\Windows\System32\dwm.exe
1960 C:\Windows\System32\taskeng.exe
2000 C:\Windows\System32\taskeng.exe
1032 C:\Windows\explorer.exe
1596 C:\Program Files\Sony\VAIO Care\VCSpt.exe
2068 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2148 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
2172 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2308 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2344 C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
2368 C:\Windows\System32\svchost.exe
2460 C:\Windows\System32\rundll32.exe
2468 C:\Windows\SysWOW64\rundll32.exe
2508 C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
2528 C:\Windows\System32\svchost.exe
2564 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
2632 C:\Program Files\Apoint\Apoint.exe
2668 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
2724 C:\Windows\System32\svchost.exe
2760 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
2820 C:\Program Files\Java\jre6\bin\jusched.exe
2852 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
2892 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
2916 C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
2224 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
2284 dllhost.exe
1824 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
1068 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2216 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
2624 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
3104 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
3212 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
3220 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
3396 WmiPrvSE.exe
3496 C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
3584 C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
3640 C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
3724 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3896 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
3932 C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
4056 C:\Windows\System32\SearchIndexer.exe
4132 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
4196 C:\Windows\System32\svchost.exe
4224 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4404 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
4540 C:\Windows\System32\svchost.exe
4632 WUDFHost.exe
4760 C:\Program Files\Apoint\ApMsgFwd.exe
5096 C:\Program Files\Apoint\ApntEx.exe
5108 C:\Program Files\Apoint\Apvfb.exe
2340 C:\Windows\System32\conhost.exe
3464 C:\Program Files\iPod\bin\iPodService.exe
5684 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5780 C:\Program Files\Sony\VAIO Care\VCPerfService.exe
5572 C:\Program Files\Sony\VAIO Care\listener.exe
3596 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
4248 C:\Windows\System32\svchost.exe
4016 C:\Windows\System32\svchost.exe
5536 C:\Program Files\Sony\VAIO Care\VCsystray.exe
4596 C:\Windows\System32\UI0Detect.exe
4504 C:\Windows\System32\wuauclt.exe
5648 C:\Windows\explorer.exe
2292 C:\Windows\System32\SearchProtocolHost.exe
2868 C:\Windows\System32\SearchFilterHost.exe
3148 C:\Windows\System32\audiodg.exe
4536 dllhost.exe
3320 dllhost.exe
3052 C:\Users\Vaio\Desktop\MBRCheck.exe
4608 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`a6c00000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK5055GSX, Rev: FG001A

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!





Und das andere :
GMER Logfile:
Code:
GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-03-30 15:16:22
Windows 6.1.7600 
Running: sli4ggz4.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27abb                     
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27abb (not active ControlSet) 

---- EOF - GMER 1.0.15 ----
--- --- ---



Hab noch ne frage ,also in den Anleitungen stand ,dass ich die Programme auf den Desktop speichern sollte ,aber bei würden die direkt bei den downloads gespreichert hab die dann auf den Desktop verschoben .Ist jetzt egal oder macht das was aus?

cosinus 31.03.2011 10:39
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Zitat:
,aber bei würden die direkt bei den downloads gespreichert hab die dann auf den Desktop verschoben .Ist jetzt egal oder macht das was aus?
Das ist eigentlich egal. Du musst den Browser so einstellen, dass er bei jedem Download fragt, wo du es abspeichern müsstest. Oder du klickst den Link Rechts an und sagst Ziel speichern unter.

rivaldo22 02.04.2011 22:06
so hier der Malwarebytes LOG

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6248

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

02.04.2011 22:56:15
mbam-log-2011-04-02 (22-56-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 276755
Laufzeit: 37 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



und das andere :

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 03/31/2011 at 11:24 PM

Application Version : 4.50.1002

Core Rules Database Version : 6724
Trace Rules Database Version: 4536

Scan type : Quick Scan
Total Scan Time : 00:21:46

Memory items scanned : 816
Memory threats detected : 0
Registry items scanned : 2897
Registry threats detected : 0
File items scanned : 17077
File threats detected : 13

Adware.Tracking Cookie
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@serving-sys[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@atdmt.combing[2].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@atdmt[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@bs.serving-sys[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@tradedoubler[2].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@ad.yieldmanager[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@revsci[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@content.yieldmanager[2].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@doubleclick[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@adtech[1].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@adserver.zonemedia[2].txt
C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Cookies\vaio@content.yieldmanager[3].txt
secure-uk.imrworldwide.com [ C:\Users\Vaio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VR3GA546 ]


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131