
Log analysis and evaluation: Malwarebytes Antimalware stops "svchost.exe", IP: 82.98.97.183 to 82.98.97.205


 
27.12.2011, 21:29   #1
Sohn_des_Mondes
 

Hello, Antimalware keeps stopping access to "svchost.exe".
This happens about every 10 minutes.

Antivir

Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 25. Dezember 2011  23:39

Es wird nach 2970283 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 x64
Windowsversion : (plain)  [6.1.7600]
Boot Modus     : Normal gebootet
Benutzername   : Sony User
Computername   : SONYUSER-VAIO

Versionsinformationen:
BUILD.DAT      : 12.0.0.872     41826 Bytes  15.12.2011 16:24:00
AVSCAN.EXE     : 12.1.0.18     490448 Bytes  15.12.2011 13:59:39
AVSCAN.DLL     : 12.1.0.17      65744 Bytes  15.12.2011 13:59:56
LUKE.DLL       : 12.1.0.17      68304 Bytes  15.12.2011 13:59:47
AVSCPLR.DLL    : 12.1.0.21      99536 Bytes  15.12.2011 13:59:39
AVREG.DLL      : 12.1.0.27     227536 Bytes  15.12.2011 13:59:38
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 18:18:34
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 23:31:49
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 21:08:17
VBASE003.VDF   : 7.11.19.171     2048 Bytes  20.12.2011 21:08:17
VBASE004.VDF   : 7.11.19.172     2048 Bytes  20.12.2011 21:08:17
VBASE005.VDF   : 7.11.19.173     2048 Bytes  20.12.2011 21:08:17
VBASE006.VDF   : 7.11.19.174     2048 Bytes  20.12.2011 21:08:17
VBASE007.VDF   : 7.11.19.175     2048 Bytes  20.12.2011 21:08:17
VBASE008.VDF   : 7.11.19.176     2048 Bytes  20.12.2011 21:08:18
VBASE009.VDF   : 7.11.19.177     2048 Bytes  20.12.2011 21:08:18
VBASE010.VDF   : 7.11.19.178     2048 Bytes  20.12.2011 21:08:18
VBASE011.VDF   : 7.11.19.179     2048 Bytes  20.12.2011 21:08:18
VBASE012.VDF   : 7.11.19.180     2048 Bytes  20.12.2011 21:08:18
VBASE013.VDF   : 7.11.19.217   182784 Bytes  22.12.2011 21:08:18
VBASE014.VDF   : 7.11.19.255   148480 Bytes  24.12.2011 21:08:19
VBASE015.VDF   : 7.11.20.0       2048 Bytes  24.12.2011 21:08:19
VBASE016.VDF   : 7.11.20.1       2048 Bytes  24.12.2011 21:08:19
VBASE017.VDF   : 7.11.20.2       2048 Bytes  24.12.2011 21:08:19
VBASE018.VDF   : 7.11.20.3       2048 Bytes  24.12.2011 21:08:19
VBASE019.VDF   : 7.11.20.4       2048 Bytes  24.12.2011 21:08:19
VBASE020.VDF   : 7.11.20.5       2048 Bytes  24.12.2011 21:08:19
VBASE021.VDF   : 7.11.20.6       2048 Bytes  24.12.2011 21:08:19
VBASE022.VDF   : 7.11.20.7       2048 Bytes  24.12.2011 21:08:19
VBASE023.VDF   : 7.11.20.8       2048 Bytes  24.12.2011 21:08:19
VBASE024.VDF   : 7.11.20.9       2048 Bytes  24.12.2011 21:08:19
VBASE025.VDF   : 7.11.20.10      2048 Bytes  24.12.2011 21:08:19
VBASE026.VDF   : 7.11.20.11      2048 Bytes  24.12.2011 21:08:19
VBASE027.VDF   : 7.11.20.12      2048 Bytes  24.12.2011 21:08:19
VBASE028.VDF   : 7.11.20.13      2048 Bytes  24.12.2011 21:08:19
VBASE029.VDF   : 7.11.20.14      2048 Bytes  24.12.2011 21:08:19
VBASE030.VDF   : 7.11.20.15      2048 Bytes  24.12.2011 21:08:19
VBASE031.VDF   : 7.11.20.18     81920 Bytes  25.12.2011 21:08:20
Engineversion  : 8.2.8.8   
AEVDF.DLL      : 8.1.2.2       106868 Bytes  15.12.2011 13:59:36
AESCRIPT.DLL   : 8.1.3.92      495996 Bytes  25.12.2011 21:08:24
AESCN.DLL      : 8.1.7.2       127349 Bytes  14.12.2011 23:31:02
AESBX.DLL      : 8.2.4.5       434549 Bytes  15.12.2011 13:59:35
AERDL.DLL      : 8.1.9.15      639348 Bytes  14.12.2011 23:31:02
AEPACK.DLL     : 8.2.15.1      770423 Bytes  15.12.2011 13:59:35
AEOFFICE.DLL   : 8.1.2.24      201084 Bytes  25.12.2011 21:08:23
AEHEUR.DLL     : 8.1.3.8      4231543 Bytes  25.12.2011 21:08:23
AEHELP.DLL     : 8.1.18.0      254327 Bytes  15.12.2011 13:59:31
AEGEN.DLL      : 8.1.5.17      405877 Bytes  15.12.2011 13:59:31
AEEMU.DLL      : 8.1.3.0       393589 Bytes  14.12.2011 23:30:58
AECORE.DLL     : 8.1.24.2      201080 Bytes  25.12.2011 21:08:20
AEBB.DLL       : 8.1.1.0        53618 Bytes  14.12.2011 23:30:58
AVWINLL.DLL    : 12.1.0.17      27344 Bytes  15.12.2011 13:59:41
AVPREF.DLL     : 12.1.0.17      51920 Bytes  15.12.2011 13:59:38
AVREP.DLL      : 12.1.0.17     179408 Bytes  15.12.2011 13:59:38
AVARKT.DLL     : 12.1.0.19     208848 Bytes  15.12.2011 13:59:36
AVEVTLOG.DLL   : 12.1.0.17     169168 Bytes  15.12.2011 13:59:37
SQLITE3.DLL    : 3.7.0.0       398288 Bytes  15.12.2011 13:59:50
AVSMTP.DLL     : 12.1.0.17      62928 Bytes  15.12.2011 13:59:39
NETNT.DLL      : 12.1.0.17      17104 Bytes  15.12.2011 13:59:47
RCIMAGE.DLL    : 12.1.0.17    4447952 Bytes  15.12.2011 13:59:58
RCTEXT.DLL     : 12.1.0.16      98512 Bytes  15.12.2011 13:59:59

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: löschen
Sekundäre Aktion......................: löschen
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:, F:, 
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Abweichende Archivtypen...............: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, +ISO 9660, 
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Beginn des Suchlaufs: Sonntag, 25. Dezember 2011  23:39

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD2
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Im  Laufwerk 'D:\' ist kein Datenträger eingelegt!
Bootsektor 'E:\'
    [INFO]      Im  Laufwerk 'E:\' ist kein Datenträger eingelegt!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSW.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VMCService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '1' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\Windows\system32\svchost.exe'
Signiert -> 'C:\Windows\system32\winlogon.exe'
Signiert -> 'C:\Windows\explorer.exe'
Signiert -> 'C:\Windows\system32\smss.exe'
Signiert -> 'C:\Windows\system32\wininet.DLL'
Signiert -> 'C:\Windows\system32\wsock32.DLL'
Signiert -> 'C:\Windows\system32\ws2_32.DLL'
Signiert -> 'C:\Windows\system32\services.exe'
Signiert -> 'C:\Windows\system32\lsass.exe'
Signiert -> 'C:\Windows\system32\csrss.exe'
Signiert -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\Windows\system32\spoolsv.exe'
Signiert -> 'C:\Windows\system32\alg.exe'
Signiert -> 'C:\Windows\system32\wuauclt.exe'
Signiert -> 'C:\Windows\system32\advapi32.DLL'
Signiert -> 'C:\Windows\system32\user32.DLL'
Signiert -> 'C:\Windows\system32\gdi32.DLL'
Signiert -> 'C:\Windows\system32\kernel32.DLL'
Signiert -> 'C:\Windows\system32\ntdll.DLL'
Signiert -> 'C:\Windows\system32\ntoskrnl.exe'
Signiert -> 'C:\Windows\system32\ctfmon.exe'
Die Systemdateien wurden durchsucht ('21' Dateien)

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2857' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Sony User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTDI2CKT\wlsetup-all.exe
  [0] Archivtyp: Portable Executable Resource
  --> object
      [1] Archivtyp: CAB (Microsoft)
    --> WriterProdLang.7z
        [2] Archivtyp: 7-Zip
      --> WriterProdLang.cab
          [3] Archivtyp: CAB (Microsoft)
        --> writerprodlang.msi
            [WARNUNG]   Die Datei konnte nicht gelesen werden!
  --> object
      [1] Archivtyp: CAB (Microsoft)
    --> LanguageSelector64.7z
        [2] Archivtyp: 7-Zip
      --> LanguageSelector64.cab
          [3] Archivtyp: CAB (Microsoft)
        --> LanguageSelector64.msi
            [WARNUNG]   Die Datei konnte nicht gelesen werden!
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-251ef117
  [0] Archivtyp: ZIP
  --> ________vload.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.KM
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.ND
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 4944268e.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\105e14d2-140a64fd
  [0] Archivtyp: ZIP
  --> Base64cod.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Small.hej
  --> Googles.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.F.18035
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 51a4091d.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\160ba957-7a18bb26
  [0] Archivtyp: ZIP
  --> ________vload.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.AH
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.PA
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 03f053fc.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\cf0c019-64d6e84d
  [0] Archivtyp: ZIP
  --> sunos/Globales.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/SystemSpy.A.1
  --> sunos/Manuals.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/ClassLoad.AF
  --> sunos/Support.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/ClassLo.AF.1.B
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 65c71c09.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\68a9cc5c-188bb89d
  [0] Archivtyp: ZIP
  --> ________vload.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.AH
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.PA
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 203c3119.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30feb821-7be8da52
  [0] Archivtyp: ZIP
  --> ________vload.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.KM
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2008-5353.ND
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 5f220364.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\170f8765-23c4db87
  [0] Archivtyp: ZIP
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.AL.3
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 13e02f37.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\706b3426-4717d0eb
  [0] Archivtyp: ZIP
  --> bpac/a$1.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.EG
  --> bpac/a.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.CF
  --> bpac/b.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2010-0840.L
  --> bpac/KAVS.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2010-0840.BB
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 6ff26f7e.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1eff1eb1-611bcd93
  [0] Archivtyp: ZIP
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2009-3867.GC
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 42d840fc.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\31bba1f4-4fcf4f20
  [0] Archivtyp: ZIP
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2009-3867.GC
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 5bb47baa.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\42441975-3ff5bb5f
  [0] Archivtyp: ZIP
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2009-3867.EH
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 379a5784.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\d552d7a-448cf279
  [0] Archivtyp: ZIP
  --> vmain.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.AL.3
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 46246e12.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
C:\Users\Sony User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\4eb49b7b-6939d3d5
  [0] Archivtyp: ZIP
  --> sunny/MyFiles.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Age.3159
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 484b5e05.qua erstellt ( QUARANTÄNE )
  [HINWEIS]   Die Datei wurde gelöscht.
Beginne mit der Suche in 'D:\'
Der zu durchsuchende Pfad D:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'E:\'
Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'F:\'
Der zu durchsuchende Pfad F:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.


Ende des Suchlaufs: Montag, 26. Dezember 2011  00:27
Benötigte Zeit: 48:45 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  22731 Verzeichnisse wurden überprüft
 423969 Dateien wurden geprüft
     23 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
     13 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
     13 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 423946 Dateien ohne Befall
   2734 Archive wurden durchsucht
      2 Warnungen
     13 Hinweise
  27201 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
After the second and third scans, nothing more was found.

Malware
Code:
09:49:20	Sony User	MESSAGE	Protection started successfully
09:49:25	Sony User	MESSAGE	IP Protection started successfully
09:57:41	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49288, Process: svchost.exe)
09:57:41	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49289, Process: svchost.exe)
09:57:41	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49290, Process: svchost.exe)
09:57:41	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49291, Process: svchost.exe)
09:57:41	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49292, Process: svchost.exe)
10:05:55	Sony User	MESSAGE	Protection started successfully
10:05:59	Sony User	MESSAGE	IP Protection started successfully
10:14:17	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49349, Process: svchost.exe)
10:14:17	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49350, Process: svchost.exe)
10:14:17	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49351, Process: svchost.exe)
10:14:17	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49352, Process: svchost.exe)
10:14:17	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49353, Process: svchost.exe)
10:24:19	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49365, Process: svchost.exe)
10:24:19	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49366, Process: svchost.exe)
10:24:19	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49367, Process: svchost.exe)
10:24:19	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49368, Process: svchost.exe)
10:24:19	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49369, Process: svchost.exe)
10:34:20	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49474, Process: svchost.exe)
10:34:20	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49475, Process: svchost.exe)
10:34:20	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49476, Process: svchost.exe)
10:34:20	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49477, Process: svchost.exe)
10:34:20	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49478, Process: svchost.exe)
10:44:20	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49796, Process: svchost.exe)
10:44:21	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49797, Process: svchost.exe)
10:44:21	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49798, Process: svchost.exe)
10:44:21	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49799, Process: svchost.exe)
10:44:21	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49800, Process: svchost.exe)
10:53:01	Sony User	MESSAGE	Scheduled update executed successfully
10:54:25	Sony User	MESSAGE	IP Protection stopped
10:54:27	Sony User	MESSAGE	Database updated successfully
10:54:28	Sony User	MESSAGE	IP Protection started successfully
11:04:19	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49840, Process: svchost.exe)
11:04:19	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49841, Process: svchost.exe)
11:04:19	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49842, Process: svchost.exe)
11:04:19	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49843, Process: svchost.exe)
11:14:20	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49869, Process: svchost.exe)
11:14:20	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49870, Process: svchost.exe)
11:14:20	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49871, Process: svchost.exe)
11:14:20	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49872, Process: svchost.exe)
11:24:23	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49880, Process: svchost.exe)
11:24:23	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49881, Process: svchost.exe)
11:24:23	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49882, Process: svchost.exe)
11:24:23	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49883, Process: svchost.exe)
11:34:17	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49902, Process: svchost.exe)
11:34:17	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49903, Process: svchost.exe)
11:34:17	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49904, Process: svchost.exe)
11:34:17	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49905, Process: svchost.exe)
11:44:17	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 49915, Process: svchost.exe)
11:54:18	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49943, Process: svchost.exe)
11:54:18	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49944, Process: svchost.exe)
11:54:18	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49945, Process: svchost.exe)
11:54:18	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49946, Process: svchost.exe)
12:04:21	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49962, Process: svchost.exe)
12:04:21	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49963, Process: svchost.exe)
12:04:21	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49964, Process: svchost.exe)
12:04:21	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49965, Process: svchost.exe)
12:14:21	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 50337, Process: svchost.exe)
12:14:21	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 50338, Process: svchost.exe)
12:14:21	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 50339, Process: svchost.exe)
12:14:21	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 50340, Process: svchost.exe)
12:24:22	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 50683, Process: svchost.exe)
12:24:22	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 50684, Process: svchost.exe)
12:24:22	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 50685, Process: svchost.exe)
12:24:22	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 50686, Process: svchost.exe)
12:34:23	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 51033, Process: svchost.exe)
12:44:23	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51041, Process: svchost.exe)
12:44:23	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51042, Process: svchost.exe)
12:44:23	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51043, Process: svchost.exe)
12:44:23	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51044, Process: svchost.exe)
12:54:19	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51045, Process: svchost.exe)
12:54:19	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51046, Process: svchost.exe)
12:54:19	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51047, Process: svchost.exe)
12:54:19	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51048, Process: svchost.exe)
13:04:20	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51076, Process: svchost.exe)
13:04:20	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51077, Process: svchost.exe)
13:04:20	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51078, Process: svchost.exe)
13:04:20	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51079, Process: svchost.exe)
13:14:22	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51087, Process: svchost.exe)
13:14:22	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51088, Process: svchost.exe)
13:14:22	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51089, Process: svchost.exe)
13:14:22	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51090, Process: svchost.exe)
13:24:24	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 51168, Process: svchost.exe)
13:34:25	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51184, Process: svchost.exe)
13:34:25	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51185, Process: svchost.exe)
13:34:25	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51186, Process: svchost.exe)
13:34:25	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51187, Process: svchost.exe)
13:44:25	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51196, Process: svchost.exe)
13:44:25	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51197, Process: svchost.exe)
13:44:25	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51198, Process: svchost.exe)
13:44:25	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51199, Process: svchost.exe)
13:54:19	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51200, Process: svchost.exe)
13:54:19	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51201, Process: svchost.exe)
13:54:19	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51202, Process: svchost.exe)
13:54:20	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51203, Process: svchost.exe)
14:11:44	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51220, Process: svchost.exe)
14:11:44	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51221, Process: svchost.exe)
14:11:44	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51222, Process: svchost.exe)
14:11:44	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51223, Process: svchost.exe)
14:21:53	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 51620, Process: svchost.exe)
14:31:53	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51628, Process: svchost.exe)
14:31:53	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51629, Process: svchost.exe)
14:31:53	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51630, Process: svchost.exe)
14:31:53	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51631, Process: svchost.exe)
14:41:53	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51632, Process: svchost.exe)
14:41:53	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51633, Process: svchost.exe)
14:41:54	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51634, Process: svchost.exe)
14:41:54	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51635, Process: svchost.exe)
14:51:54	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51643, Process: svchost.exe)
14:51:54	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51644, Process: svchost.exe)
14:51:54	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51645, Process: svchost.exe)
14:51:54	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51646, Process: svchost.exe)
15:01:54	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51661, Process: svchost.exe)
15:01:54	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51662, Process: svchost.exe)
15:01:55	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51663, Process: svchost.exe)
15:01:55	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51664, Process: svchost.exe)
15:11:55	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 51668, Process: svchost.exe)
15:21:50	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 52165, Process: svchost.exe)
15:21:51	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 52166, Process: svchost.exe)
15:21:51	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52167, Process: svchost.exe)
15:21:51	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 52168, Process: svchost.exe)
15:31:51	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52176, Process: svchost.exe)
15:31:51	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 52177, Process: svchost.exe)
15:31:51	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 52178, Process: svchost.exe)
15:31:51	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 52179, Process: svchost.exe)
15:41:51	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52300, Process: svchost.exe)
15:41:51	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 52301, Process: svchost.exe)
15:41:51	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 52302, Process: svchost.exe)
15:41:51	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 52303, Process: svchost.exe)
15:51:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52311, Process: svchost.exe)
15:51:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 52312, Process: svchost.exe)
15:51:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 52313, Process: svchost.exe)
15:51:52	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 52314, Process: svchost.exe)
16:01:52	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 52324, Process: svchost.exe)
18:35:34	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52331, Process: svchost.exe)
18:40:30	Sony User	MESSAGE	Protection started successfully
18:40:34	Sony User	MESSAGE	IP Protection started successfully
18:48:51	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49337, Process: svchost.exe)
18:48:51	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49338, Process: svchost.exe)
18:48:51	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49339, Process: svchost.exe)
18:48:51	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49340, Process: svchost.exe)
18:48:51	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49341, Process: svchost.exe)
18:58:56	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49478, Process: svchost.exe)
18:58:56	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 49479, Process: svchost.exe)
18:58:56	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 49480, Process: svchost.exe)
18:58:56	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 49481, Process: svchost.exe)
18:58:56	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 49482, Process: svchost.exe)
19:08:49	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 50112, Process: svchost.exe)
19:08:49	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 50113, Process: svchost.exe)
19:08:49	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 50114, Process: svchost.exe)
19:08:49	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 50115, Process: svchost.exe)
19:08:49	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 50116, Process: svchost.exe)
19:18:50	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 50228, Process: svchost.exe)
19:18:50	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 50229, Process: svchost.exe)
19:18:50	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 50230, Process: svchost.exe)
19:18:50	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 50231, Process: svchost.exe)
19:18:50	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 50232, Process: svchost.exe)
19:28:53	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 50967, Process: svchost.exe)
19:38:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51099, Process: svchost.exe)
19:38:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51100, Process: svchost.exe)
19:38:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51101, Process: svchost.exe)
19:38:52	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51102, Process: svchost.exe)
19:48:56	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51110, Process: svchost.exe)
19:48:56	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51111, Process: svchost.exe)
19:48:56	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51112, Process: svchost.exe)
19:48:56	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51113, Process: svchost.exe)
19:58:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51186, Process: svchost.exe)
19:58:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51187, Process: svchost.exe)
19:58:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51188, Process: svchost.exe)
19:58:52	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51189, Process: svchost.exe)
20:08:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51245, Process: svchost.exe)
20:08:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51246, Process: svchost.exe)
20:08:52	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51247, Process: svchost.exe)
20:08:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51248, Process: svchost.exe)
20:18:52	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 51438, Process: svchost.exe)
20:28:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51659, Process: svchost.exe)
20:28:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51660, Process: svchost.exe)
20:28:52	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51661, Process: svchost.exe)
20:28:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51662, Process: svchost.exe)
20:38:55	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51681, Process: svchost.exe)
20:38:55	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51682, Process: svchost.exe)
20:38:55	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51683, Process: svchost.exe)
20:38:55	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51684, Process: svchost.exe)
20:48:51	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51693, Process: svchost.exe)
20:48:52	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51694, Process: svchost.exe)
20:48:52	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51695, Process: svchost.exe)
20:48:52	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51696, Process: svchost.exe)
20:58:56	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 51797, Process: svchost.exe)
20:58:56	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 51798, Process: svchost.exe)
20:58:56	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 51799, Process: svchost.exe)
20:58:56	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 51800, Process: svchost.exe)
21:08:53	Sony User	IP-BLOCK	82.98.97.200 (Type: outgoing, Port: 52182, Process: svchost.exe)
21:18:57	Sony User	IP-BLOCK	82.98.97.203 (Type: outgoing, Port: 52499, Process: svchost.exe)
21:18:57	Sony User	IP-BLOCK	82.98.97.206 (Type: outgoing, Port: 52500, Process: svchost.exe)
21:18:57	Sony User	IP-BLOCK	82.98.97.183 (Type: outgoing, Port: 52501, Process: svchost.exe)
21:18:57	Sony User	IP-BLOCK	82.98.97.185 (Type: outgoing, Port: 52502, Process: svchost.exe)
         
OTL

Code:
OTL logfile created on: 27.12.2011 21:16:46 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sony User\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 45,85% Memory free
7,93 Gb Paging File | 5,52 Gb Available in Paging File | 69,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,28 Gb Total Space | 328,10 Gb Free Space | 71,91% Space Free | Partition Type: NTFS
 
Computer Name: SONYUSER-VAIO | User Name: Sony User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sony User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\SONYUS~1\AppData\Local\Temp\mexe.com (MicroWorld Technologies Inc.)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (IntcHdmiAddService) Intel(R) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Sony User\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E9 42 7F 95 76 C4 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.06 10:35:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.06 10:35:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.25 21:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.25 22:48:51 | 000,000,000 | ---D | M]
 
[2010.05.03 18:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sony User\AppData\Roaming\mozilla\Extensions
[2011.12.27 10:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sony User\AppData\Roaming\mozilla\Firefox\Profiles\qzmkl14c.default\extensions
[2011.04.08 05:59:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sony User\AppData\Roaming\mozilla\Firefox\Profiles\qzmkl14c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.18 21:28:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Sony User\AppData\Roaming\mozilla\Firefox\Profiles\qzmkl14c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.21 20:21:07 | 000,000,873 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\conduit.xml
[2010.12.21 14:59:20 | 000,000,950 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\icqplugin-2.xml
[2011.04.08 06:02:37 | 000,000,950 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\icqplugin-3.xml
[2011.04.08 05:59:26 | 000,000,168 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\icqplugin.gif
[2011.04.08 05:59:26 | 000,000,618 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\icqplugin.src
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Sony User\AppData\Roaming\Mozilla\Firefox\Profiles\qzmkl14c.default\searchplugins\icqplugin.xml
[2011.12.25 22:12:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.27 03:20:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.03 19:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.07 01:27:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 23:01:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.21 08:10:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.12.25 22:12:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011.04.06 10:35:59 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.06 10:35:59 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
File not found (No name found) -- C:\USERS\SONY USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZMKL14C.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
File not found (No name found) -- C:\USERS\SONY USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZMKL14C.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.09 11:40:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.09 11:40:27 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.09 11:40:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.09 11:40:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.09 11:40:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2011.12.26 11:41:02 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sony User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sony User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DBEED24-4889-479C-82EC-D972CD7A8EFF}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59F4ACDD-B2C9-4F4E-969D-FD30745D2CD0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2011.12.27 19:30:50 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2011.12.27 19:22:32 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2011.12.27 19:22:31 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2011.12.27 19:22:30 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2011.12.27 19:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2011.12.27 19:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2011.12.27 15:15:35 | 000,000,000 | ---D | C] -- C:\Users\Sony User\Desktop\Virus
[2011.12.27 15:10:58 | 000,000,000 | ---D | C] -- C:\Users\Sony User\AppData\Roaming\Roxio Log Files
[2011.12.27 15:08:56 | 000,000,000 | ---D | C] -- C:\Users\Sony User\AppData\Local\SvchostViewer
[2011.12.27 13:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011.12.27 10:06:29 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Sony User\Desktop\aswMBR.exe
[2011.12.27 09:58:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.27 09:56:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sony User\Desktop\OTL.exe
[2011.12.26 22:41:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.12.26 11:56:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.12.26 11:34:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.12.26 03:06:34 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.26 03:06:33 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.26 03:06:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.26 03:06:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.26 03:06:31 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.26 03:06:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.26 03:06:28 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.26 03:06:28 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.26 03:06:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.26 03:06:27 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.26 03:06:27 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.25 22:20:28 | 000,000,000 | ---D | C] -- C:\Users\Sony User\AppData\Local\{3C11D02F-DA75-4D54-B37B-8BBA3405470A}
[2011.12.25 22:20:16 | 000,000,000 | ---D | C] -- C:\Users\Sony User\AppData\Local\{07CBAF22-9E3F-4F65-8175-5AA39A15B517}
[2011.12.25 22:18:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.12.25 22:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.12.25 22:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.12.25 22:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.12.25 22:12:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.12.25 22:12:54 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.12.25 22:12:54 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.12.25 22:10:14 | 000,000,000 | ---D | C] -- C:\Users\Sony User\AppData\Roaming\Avira
[2011.12.25 22:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.25 22:07:10 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.25 22:07:10 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.25 22:07:10 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.25 22:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.25 22:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.25 22:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.12.25 21:48:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.12.25 21:48:07 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.12.25 21:48:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.12.25 21:48:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.12.25 21:48:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.12.25 21:48:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.12.25 21:48:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.12.25 21:48:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.12.25 21:48:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.12.25 21:47:57 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.12.25 21:47:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.12.25 21:47:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.25 21:47:23 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.12.25 21:47:23 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.12.25 21:47:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011.12.25 21:47:23 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011.12.25 21:47:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.12.25 21:47:23 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.12.25 21:47:22 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011.12.25 21:47:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011.12.25 21:47:21 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011.12.25 21:47:21 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011.12.25 21:47:19 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.12.25 21:47:19 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.12.25 21:47:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.12.25 21:47:19 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.12.25 21:47:19 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.12.25 21:47:19 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.12.25 21:47:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.12.25 21:47:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.12.25 21:47:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.12.25 21:47:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.12.25 21:47:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.12.25 21:47:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.12.25 21:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.25 21:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.25 21:47:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.12.25 21:47:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.12.25 21:47:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.12.25 21:47:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.12.25 21:47:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.12.25 21:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.12.25 21:47:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.12.25 21:47:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.12.25 21:47:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.12.25 21:47:10 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.12.25 21:47:10 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.12.25 21:47:09 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.25 21:47:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.25 21:46:55 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.12.25 21:46:55 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.12.25 21:46:54 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.12.25 21:36:20 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.27 21:19:38 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.12.27 19:30:50 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2011.12.27 19:22:31 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2011.12.27 19:22:30 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2011.12.27 19:22:29 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2011.12.27 19:21:44 | 068,866,904 | ---- | M] () -- C:\Users\Sony User\Desktop\mwav.exe
[2011.12.27 18:45:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 18:45:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 18:37:32 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.12.27 18:37:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.27 18:37:06 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.27 15:12:03 | 000,000,181 | ---- | M] () -- C:\Windows\WININIT.INI
[2011.12.27 10:06:29 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Sony User\Desktop\aswMBR.exe
[2011.12.27 09:56:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sony User\Desktop\OTL.exe
[2011.12.26 11:41:02 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.26 09:23:34 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.26 09:23:34 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.26 09:23:34 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.26 09:23:34 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.26 09:23:34 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.26 09:16:06 | 000,446,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.25 21:36:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
 
========== Files Created - No Company Name ==========
 
[2011.12.27 19:22:47 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2011.12.27 19:20:18 | 068,866,904 | ---- | C] () -- C:\Users\Sony User\Desktop\mwav.exe
[2011.12.27 15:12:03 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.12.25 22:19:24 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2010.07.25 08:39:33 | 000,008,192 | ---- | C] () -- C:\Users\Sony User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.05 19:37:57 | 000,008,718 | ---- | C] () -- C:\Users\Sony User\AppData\Roaming\wklnhst.dat
[2009.12.20 18:02:09 | 000,027,639 | ---- | C] () -- C:\Users\Sony User\AppData\Roaming\UserTile.png
[2009.09.06 09:32:41 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.09.06 09:07:13 | 000,002,835 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009.08.17 21:11:49 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.08.17 21:11:46 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.08.17 21:11:46 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.08.17 21:11:44 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.08.17 13:27:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >
         

 
