
Pests of all kinds and how to combat them: 3 (download) trojans present

26.09.2010, 01:41   #1
Domeej
Banned
 



I've caught 3 trojans on my laptop.
I'm afraid they are download trojans.

1 Dropper.Gen

2/3 Crypt.XPAC.gen

They are now in quarantine in my antivirus program (Avira AntiVir).

I'm currently running a FULL scan with Malwarebytes
and a scan in AntiVir.

About 1 h later a bluescreen appeared and the laptop restarted.

During boot it said: ohydy.exe could not be executed. The same afterwards with xbkk.exe.

Now I know that these are serious trojans.

What else should I, or do I have to, do to protect myself 100%?

Edited by Domeej (26.09.2010 at 02:39)

26.09.2010, 12:02   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Always note down and post the exact malware names and file paths!

From the rules:

5. Describe your problem in a few sentences and work through this guide starting from point 2.
Please also list detections from your security software in the thread (e.g. c:\windows\virus.exe).
If this information is missing, nobody here can or will help you.

26.09.2010, 13:02   #3
Domeej
Banned
 



Hello

So, yesterday I restored my C drive, all the way back to factory settings, because really nothing worked anymore. The bluescreen came about every 10 minutes, my internet browser stopped working, and so on and so on..

I have now done an OTL run scan, in case that is of any use to you.

OTL Logfile:
Code:
OTL logfile created on: 26.09.2010 13:53:15 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Domeej\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 359,62 Gb Total Space | 331,91 Gb Free Space | 92,29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 6,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DOMEEJ-PC
Current User Name: Domeej
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe
PRC - [2010.09.26 13:26:12 | 001,277,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Domeej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRVS14BX\wlmessengersetup-custom[1].exe
PRC - [2010.09.26 06:20:54 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Marketing Tools\MarketingTools.exe
PRC - [2010.09.26 06:02:50 | 000,243,312 | ---- | M] () -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser.exe
PRC - [2009.10.12 10:45:12 | 000,312,784 | ---- | M] () -- C:\Programme\3DataManager\WTGService.exe
PRC - [2009.10.12 10:44:48 | 008,181,200 | ---- | M] (WebToGo Mobile Internet GmbH) -- C:\Programme\3DataManager\3DataManager.exe
PRC - [2009.02.20 16:27:06 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Programme\3DataManager\bmctl.exe
PRC - [2008.11.25 14:40:33 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe
PRC - [2008.11.22 04:33:20 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe
PRC - [2008.11.06 14:58:14 | 000,794,232 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\McMscSvc.exe
PRC - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe
PRC - [2008.11.05 18:32:28 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe
PRC - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.10.14 17:07:30 | 000,776,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.09.30 02:04:57 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2008.09.30 02:04:57 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2008.09.30 02:04:55 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008.09.05 12:54:58 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe
PRC - [2008.08.28 20:21:36 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008.08.25 04:57:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.07.23 18:52:06 | 000,206,112 | ---- | M] () -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008.07.18 08:02:52 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008.07.11 18:48:54 | 000,641,208 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2008.07.09 17:36:30 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2008.07.09 14:49:10 | 000,358,736 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2008.07.09 14:35:34 | 000,025,416 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2008.06.20 05:41:04 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe
PRC - [2008.06.20 05:01:18 | 000,605,512 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.04.03 20:32:48 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\sony\ISB Utility\ISBMgr.exe
PRC - [2008.03.25 04:32:44 | 000,218,496 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe
PRC - [2008.01.21 04:24:49 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ieuser.exe
PRC - [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:23:50 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2008.01.21 04:23:33 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe
MOD - [2008.07.23 18:52:10 | 000,012,576 | ---- | M] () -- C:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2009.10.12 10:45:12 | 000,312,784 | ---- | M] () [Auto | Running] -- C:\Programme\3DataManager\WTGService.exe -- (WTGService)
SRV - [2008.11.25 14:40:33 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2008.11.25 14:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.11.06 14:58:14 | 000,794,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\McMscSvc.exe -- (mcmscsvc)
SRV - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.10.21 10:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.10.21 10:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.10.21 10:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.10.01 18:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008.09.19 10:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.09.08 09:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.08.01 14:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.07.23 18:52:06 | 000,206,112 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008.07.18 08:02:52 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008.07.09 17:36:30 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2008.07.09 14:49:10 | 000,358,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2008.07.09 14:35:34 | 000,025,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2008.06.20 13:10:22 | 000,361,800 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2008.06.20 05:41:04 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2008.06.20 05:01:18 | 000,605,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2008.05.20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008.05.20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008.05.20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008.01.21 04:24:45 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010.09.26 13:14:31 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.09.10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.10.24 02:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.10.23 02:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.10.23 02:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.10.21 03:17:13 | 000,018,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008.10.21 03:17:12 | 000,109,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008.10.21 03:17:12 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.10.21 03:16:52 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2008.10.17 12:28:48 | 002,149,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.09.30 02:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.09.25 02:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.08.28 23:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.22 17:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.08.22 02:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.06.27 06:08:40 | 000,207,656 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2008.06.27 06:08:40 | 000,079,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2008.06.27 06:08:40 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2008.06.27 06:08:40 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2008.06.20 05:41:38 | 000,034,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008.06.07 02:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.06.02 14:56:02 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008.04.24 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.03.27 02:54:41 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008.01.25 04:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008.01.25 04:14:16 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008.01.25 04:14:12 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008.01.25 04:14:12 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Club VAIO | Choose your country
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.09.26 13:27:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\3-addons\addon [2010.09.26 13:14:35 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Programme\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1600x900.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1600x900.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.06.16 18:14:06 | 000,000,057 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{cd6c00ab-c95e-11df-ac95-001dbaadd9b1}\Shell - "" = AutoRun
O33 - MountPoints2\{cd6c00ab-c95e-11df-ac95-001dbaadd9b1}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()
O33 - MountPoints2\{cd6c00d3-c95e-11df-ac95-001dbaadd9b1}\Shell - "" = AutoRun
O33 - MountPoints2\{cd6c00d3-c95e-11df-ac95-001dbaadd9b1}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.26 13:56:47 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Tracing
[2010.09.26 13:52:55 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe
[2010.09.26 13:48:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.09.26 13:47:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.09.26 13:47:48 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.09.26 13:47:31 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.09.26 13:26:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live
[2010.09.26 13:22:39 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.09.26 13:22:38 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.09.26 13:22:16 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.09.26 13:22:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.09.26 13:22:01 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Macromedia
[2010.09.26 13:19:28 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Google
[2010.09.26 13:16:48 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\3DataManager
[2010.09.26 13:15:02 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010.09.26 13:15:02 | 000,101,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2010.09.26 13:15:02 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010.09.26 13:14:35 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll
[2010.09.26 13:14:35 | 000,471,040 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll
[2010.09.26 13:14:35 | 000,294,912 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2010.09.26 13:14:35 | 000,126,976 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[2010.09.26 13:14:35 | 000,008,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll
[2010.09.26 13:14:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Program Files
[2010.09.26 13:14:34 | 000,022,528 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2010.09.26 13:14:34 | 000,018,816 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2010.09.26 13:14:34 | 000,000,000 | ---D | C] -- C:\Programme\3-addons
[2010.09.26 13:14:31 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2010.09.26 13:14:30 | 000,000,000 | ---D | C] -- C:\Programme\3DataManager
[2010.09.26 08:58:41 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Sony_Corporation
[2010.09.26 08:58:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\ATI
[2010.09.26 08:58:35 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\ATI
[2010.09.26 08:58:31 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Sony Corporation
[2010.09.26 08:55:16 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\VirtualStore
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Vorlagen
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Verlauf
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Temporary Internet Files
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Startmenü
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\SendTo
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Recent
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Lokale Einstellungen
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Druckumgebung
[2010.09.26 08:55:14 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\AppData\Local\Anwendungsdaten
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Netzwerkumgebung
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Videos
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Musik
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Eigene Dateien
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Documents\Eigene Bilder
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Cookies
[2010.09.26 08:55:13 | 000,000,000 | -HSD | C] -- C:\Users\Domeej\Anwendungsdaten
[2010.09.26 08:55:07 | 000,000,000 | --SD | C] -- C:\Users\Domeej\AppData\Roaming\Microsoft
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Videos
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Searches
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Saved Games
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Pictures
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Music
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Links
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Favorites
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Downloads
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Documents
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Desktop
[2010.09.26 08:55:07 | 000,000,000 | R--D | C] -- C:\Users\Domeej\Contacts
[2010.09.26 08:55:07 | 000,000,000 | -H-D | C] -- C:\Users\Domeej\AppData
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Temp
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Roaming
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Microsoft
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Media Center Programs
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Identities
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Google
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Documents\Eigene Google Gadgets
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Broadcom
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\Documents\Bluetooth-Exchange-Ordner
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Roaming\Adobe
[2010.09.26 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\Domeej\AppData\Local\Adobe
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.09.26 08:51:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.09.26 06:35:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2010.09.26 06:35:24 | 000,000,000 | ---D | C] -- C:\Programme\Cisco
[2010.09.26 06:35:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Intel
[2010.09.26 06:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2010.09.26 06:34:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InterVideo
[2010.09.26 06:32:43 | 000,000,000 | ---D | C] -- C:\Programme\InterVideo
[2010.09.26 06:31:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.09.26 06:31:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.09.26 06:31:53 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.09.26 06:31:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.09.26 06:31:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.09.26 06:31:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.09.26 06:31:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.09.26 06:31:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.09.26 06:31:52 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.09.26 06:31:52 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.09.26 06:31:52 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.09.26 06:31:52 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.09.26 06:31:52 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.09.26 06:31:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.09.26 06:31:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.09.26 06:31:48 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.09.26 06:31:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.09.26 06:31:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.09.26 06:31:47 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.09.26 06:31:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.09.26 06:31:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.09.26 06:31:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.09.26 06:31:31 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2010.09.26 06:31:06 | 000,000,000 | ---D | C] -- C:\Documentation
[2010.09.26 06:28:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.09.26 06:27:19 | 000,098,304 | ---- | C] (Sony Corporation) -- C:\Windows\System32\VESWinlogon.dll
[2010.09.26 06:23:01 | 000,155,648 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwo.dll
[2010.09.26 06:23:01 | 000,147,456 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIds.dll
[2010.09.26 06:23:01 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwd.dll
[2010.09.26 06:22:40 | 000,135,168 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangRUSony.dll
[2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangITSony.dll
[2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangFRSony.dll
[2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangESSony.dll
[2010.09.26 06:22:40 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangDESony.dll
[2010.09.26 06:22:40 | 000,077,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangJASony.dll
[2010.09.26 06:22:40 | 000,069,632 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangZHSony.dll
[2010.09.26 06:22:22 | 000,770,048 | ---- | C] (Gracenote) -- C:\Windows\System32\CDDBUISony.dll
[2010.09.26 06:22:22 | 000,655,360 | ---- | C] (Gracenote, Inc.) -- C:\Windows\System32\CDDBControlSony.dll
[2010.09.26 06:22:22 | 000,589,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbMusicIDSony.dll
[2010.09.26 06:22:07 | 000,000,000 | ---D | C] -- C:\Programme\Skype
[2010.09.26 06:22:07 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.09.26 06:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.09.26 06:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2010.09.26 06:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010.09.26 06:21:40 | 000,000,000 | ---D | C] -- C:\Programme\Roxio
[2010.09.26 06:21:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Sonic Shared
[2010.09.26 06:21:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Roxio Shared
[2010.09.26 06:14:35 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office Suite Activation Assistant
[2010.09.26 06:12:09 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.09.26 06:11:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2010.09.26 06:11:24 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2010.09.26 06:11:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.26 06:11:11 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.09.26 06:09:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.09.26 06:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.09.26 06:09:34 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.09.26 06:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2010.09.26 06:04:29 | 000,034,152 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys
[2010.09.26 06:04:28 | 000,207,656 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010.09.26 06:04:28 | 000,079,240 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010.09.26 06:04:28 | 000,040,488 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys
[2010.09.26 06:04:28 | 000,035,240 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010.09.26 06:04:26 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2010.09.26 06:03:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\McAfee
[2010.09.26 06:03:31 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com
[2010.09.26 06:03:28 | 000,000,000 | ---D | C] -- C:\Programme\McAfee
[2010.09.26 06:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.09.26 06:03:07 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2010.09.26 06:03:07 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2010.09.26 06:03:01 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2010.09.26 06:03:01 | 000,017,920 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys
[2010.09.26 06:02:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ArcSoft
[2010.09.26 06:02:58 | 000,000,000 | ---D | C] -- C:\Programme\ArcSoft
[2010.09.26 06:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.09.26 06:01:23 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.26 05:57:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.26 05:56:25 | 000,000,000 | ---D | C] -- C:\Programme\Picasa2
[2010.09.26 05:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.09.26 05:54:39 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.09.26 05:53:59 | 000,000,000 | ---D | C] -- C:\Programme\Big Fish Games Spiel-Suite
[2010.09.26 05:52:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2010.09.26 05:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.09.26 05:46:19 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2010.09.26 05:46:19 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2010.09.26 05:45:25 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2010.09.26 05:45:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.09.26 05:33:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.26 13:57:24 | 001,310,720 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT
[2010.09.26 13:53:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Domeej\Desktop\OTL.exe
[2010.09.26 13:18:36 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.26 13:18:36 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.26 13:18:36 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.26 13:18:36 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.26 13:18:36 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.26 13:14:36 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\3DataManager.lnk
[2010.09.26 13:14:31 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010.09.26 13:14:31 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2010.09.26 13:14:31 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010.09.26 13:11:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.26 13:11:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.26 13:11:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.26 13:11:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.26 13:11:37 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.26 12:50:50 | 000,003,307 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010.09.26 12:50:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.26 12:50:49 | 000,524,288 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.09.26 12:50:49 | 000,524,288 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.26 12:50:49 | 000,065,536 | -HS- | M] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.26 12:50:42 | 001,497,539 | -H-- | M] () -- C:\Users\Domeej\AppData\Local\IconCache.db
[2010.09.26 09:49:57 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.09.26 09:19:48 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr
[2010.09.26 09:19:39 | 000,330,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.26 09:19:28 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010.09.26 09:19:28 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010.09.26 08:58:34 | 000,001,111 | ---- | M] () -- C:\Users\Domeej\Desktop\Google Desktop.lnk
[2010.09.26 08:57:03 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\104D_Sony_VGN-FW31E.mrk
[2010.09.26 08:55:17 | 000,080,712 | ---- | M] () -- C:\Users\Domeej\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.26 06:31:04 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI
[2010.09.26 06:14:37 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2010.09.26 06:08:19 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Me&My VAIO.lnk
[2010.09.26 06:07:39 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010.09.26 06:01:31 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.09.26 06:01:27 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.09.26 05:52:02 | 000,000,002 | ---- | M] () -- C:\Windows\System32\Snyres.oem
[2010.09.26 05:46:05 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
 
========== Files Created - No Company Name ==========
 
[2010.09.26 13:14:36 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\3DataManager.lnk
[2010.09.26 09:19:47 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr
[2010.09.26 08:57:03 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\104D_Sony_VGN-FW31E.mrk
[2010.09.26 08:55:13 | 000,524,288 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.09.26 08:55:13 | 000,524,288 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.26 08:55:13 | 000,262,144 | -H-- | C] () -- C:\Users\Domeej\ntuser.dat.LOG1
[2010.09.26 08:55:13 | 000,065,536 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.26 08:55:13 | 000,000,000 | -H-- | C] () -- C:\Users\Domeej\ntuser.dat.LOG2
[2010.09.26 08:55:12 | 000,001,356 | ---- | C] () -- C:\Users\Domeej\AppData\Local\d3d9caps.dat
[2010.09.26 08:55:07 | 001,310,720 | -HS- | C] () -- C:\Users\Domeej\NTUSER.DAT
[2010.09.26 08:55:07 | 000,001,111 | ---- | C] () -- C:\Users\Domeej\Desktop\Google Desktop.lnk
[2010.09.26 08:55:07 | 000,000,020 | -HS- | C] () -- C:\Users\Domeej\ntuser.ini
[2010.09.26 06:31:04 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2010.09.26 06:22:49 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2010.09.26 06:14:37 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2010.09.26 06:08:19 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Me&My VAIO.lnk
[2010.09.26 06:07:49 | 000,003,307 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2010.09.26 06:07:39 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010.09.26 06:03:56 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2010.09.26 06:03:54 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2010.09.26 06:01:31 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.09.26 06:01:27 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.09.26 05:52:02 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Snyres.oem
[2010.09.26 05:33:48 | 3186,663,424 | -HS- | C] () -- C:\hiberfil.sys
[2008.11.25 20:42:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.08.08 19:14:10 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.08.08 19:11:22 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.08.08 19:11:22 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008.08.08 19:10:34 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
< End of report >
         

26.09.2010, 16:12   #4
Domeej
Banned

My antivirus program just reported that everything is in the green.
The Malwarebytes scan is currently running.

26.09.2010, 18:16   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Did you ignore my post? I wanted the file paths of the malware that was found!

__________________
Please always post log files in CODE tags

26.09.2010, 18:31   #6
Domeej
Banned

Quote from cosinus:
Did you ignore my post? I wanted the file paths of the malware that was found!

I'm sorry, unfortunately I know nothing about this.

The file paths are gone because I restored my C drive, since simply nothing worked anymore.
I just wanted to know whether I am still infected with viruses after restoring the C drive.
I've written it all up again here, with OTL and Malwarebytes:
http://www.trojaner-board.de/91164-t...tml#post572285

26.09.2010, 19:48   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What exactly do you mean by a restore? System Restore? Format c: plus a reinstall? What exactly did you do?

26.09.2010, 19:55   #8
Domeej
Banned

Quote from cosinus:
What exactly do you mean by a restore? System Restore? Format c: plus reinstallation? What exactly did you do?

I pressed the F10 key during boot,
then chose "restore C:".
That reset everything to the factory settings.
I had to create a new user....
All my personal stuff was gone.

26.09.2010, 20:04   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
All my personal stuff was gone

That is why you back up your data beforehand, or ask before doing things like that.
What you did is also called a recovery, and then the malware is definitely gone, because the device is in its factory-delivered state.

26.09.2010, 20:06   #10
Domeej
Banned

Quote from cosinus:
That is why you back up your data beforehand, or ask before doing things like that.
What you did is also called a recovery, and then the malware is definitely gone, because the device is in its factory-delivered state.

Great, thanks.

I backed up my data a while ago.

One question: if I delete my account here, do the posts disappear by themselves or do I have to do that one by one?
