Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.02.2012, 23:28   #1
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Hallo ihr lieben,
ich habe folgendes Problem: Als ich vorhin im Internet war öffnete sich auf einmal die oben besagte Fehlermeldung samt der Aufforderung 50 € zu zahlen. Das Bild nahm den ganzen Bildschirm ein und der Laptop hat auf nichts mehr reagiert (nicht auf Mausklicke,nicht auf escape, der Taskmanager lies sich nicht mehr öffnen) Ich habe den Laptop dann über langes "Aus-Knopf-drücken" runtergefahren.
Vor ein Paar Monaten hatte ich schon einmal ein ähnliches Problem. Damals hat mir Google (Vom PC meiner Mitbewohnerin) ganz gut geholfen, weil ich eine Anleitung gefunden habe, wie ich im abgesicherten Modus nach dem Problem suche und das dann lösche. Dann lief alles wieder.
Diesmal bin ich aus Google aber leider nicht schlau geworden...
Ich habe dann meinen Laptop noch mal hochgefahren, dabei meinen "Internet-schalter" an der Seite des Laptops auf "off" gelegt, und habe Avira einmal scannen lassen. Avira hat auch was gefunden: EXP/CVE-2011-3544 das habe ich dann gelöscht.
Da mir das aber überhauptnihcts sagt, und ich keine Ahnung habe, ob das jetzt damit behoben ist oder nicht traue ich mich noch nicht so richtig das Internet wieder an zu machen und den Laptop richtig zu benutzen.
Deshalb habe ich mir (wieder vom Laptop meiner Mitbewohnerin) eure ganzen tollen Programme runtergeladen, sie mit meinem Stick auf meinen Laptop gepackt, und habe sie da mal laufen lassen.
Folgendes hat er dann ausgespuckt:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19170 BrowserJavaVersion: 1.6.0_17
Run by Mira at 22:09:13 on 2012-02-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.1139 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\lxbkcoms.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Mira\AppData\Local\Mozilla\Firefox\firefox.exe
C:\Program Files\ImagonShared\DierckeBrowserInterface.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.club-vaio.com
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Firefox helper] c:\users\mira\appdata\local\mozilla\firefox\firefox.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\mira\appdata\roaming\micros~1\windows\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dgo-in~1.lnk - c:\program files\imagonshared\DierckeBrowserInterface.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: An OneNote s&enden - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: Interfaces\{1DA162A9-CE9B-4C64-94AB-2A788B2C4B85} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mira\appdata\roaming\mozilla\firefox\profiles\8g1enzv1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0357.1\npwinext.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\mira\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-20 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2011-10-20 86224]
R2 AntiVirService;Avira Echtzeit Scanner;c:\program files\avira\antivir desktop\avguard.exe [2011-10-20 110032]
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\symantec\liveupdate\AluSchedulerSvc.exe [2008-1-2 554352]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-20 74640]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-24 21504]
R2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe -service --> c:\windows\system32\lxbkcoms.exe -service [?]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-11-1 2011944]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2008-1-2 125440]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-1-2 292128]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-1-2 17920]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-11-27 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-11-27 43904]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-11-27 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-11-27 818688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-30 135664]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2007-11-26 28464]
S3 DTV_Capture_2X0;Digital TV Receiver;c:\windows\system32\drivers\DTV_Capture_2X0.sys [2011-10-2 18432]
S3 DTV_Loader_2X1;Digital TV Loader;c:\windows\system32\drivers\DTV_Loader_2X1.sys [2011-10-2 19328]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-11-27 30192]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-30 135664]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2008-1-2 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2008-1-2 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2008-1-2 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-1-2 79136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-8-24 16896]
.
=============== Created Last 30 ================
.
2012-02-06 12:50:01 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6210ee99-0851-4b54-8119-b28ebc47769c}\mpengine.dll
2012-02-02 21:57:36 -------- d-----w- c:\program files\iPod
2012-02-02 21:57:35 -------- d-----w- c:\program files\iTunes
2012-01-17 22:22:22 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-17 22:22:22 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-17 22:22:21 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-17 22:22:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-17 22:22:20 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-17 22:22:20 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 19:54:34 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 19:54:34 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 19:54:33 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 19:54:32 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 19:54:31 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 19:54:30 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 19:54:28 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 19:54:28 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 19:39:30 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-11 19:39:30 45016 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-11 19:39:29 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-11 19:39:29 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
.
==================== Find3M ====================
.
2012-01-26 23:21:24 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-11-25 12:45:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 19:03:47 136 ----a-w- c:\users\mira\appdata\roaming\srvblck2.tmp
2008-12-27 22:54:46 6320872 ----a-w- c:\program files\npsibelius.dll
.
============= FINISH: 22:11:20,34 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 28.06.2008 20:06:02
System Uptime: 06.02.2012 18:02:41 (4 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz | N/A | 2101/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 140 GiB total, 21,379 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
Abenteuer auf dem Reiterhof
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop Elements 6.0
Adobe Reader 8.1.4 - Deutsch
Adobe Shockwave Player
Advent 1.6.0.2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i Visual Effects
ATI Catalyst Install Manager
Atlantis - Sky Patrol (remove only)
Audacity 1.2.6
Audacity 1.3.13 (Unicode)
Auslogics Disk Defrag
AutoUpdate
Avira Free Antivirus
B010
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
Big Fish Games Center
Big Fish Games Sudoku (remove only)
Bonjour
Branding
Browser Address Error Redirector
BufferChm
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.4
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities Original Data Security Tools
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Click to Disc
Click to Disc Editor
D3DX10
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
Die Sims 2
Diercke Globus Online
DivX Codec
DivX Converter
DivX Player
DivX Web Player
Dropbox
DVB-T USB 2.0
EOS USB WIA Driver
Facebook Video Calling 1.1.1.1
GearDrvs
GlasgowComaScale Trainer - Version 1.1
Google Desktop
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Imaging Device Functions 14.0
HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
Instant Mode
iTunes
iTunes Lyrics Importer
Java(TM) 6 Update 17
Java(TM) 6 Update 2
Junk Mail filter update
LAME v3.98.3 for Audacity
Lexmark X1100 Series
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Mahjong Towers Eternity EU (remove only)
Messenger Plus! Live
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Moorhuhn Kart 3
Mozilla Firefox 10.0 (x86 de)
MSN Toolbar
MSN Toolbar Platform
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Club VAIO
Mystery Case Files - Prime Suspects (remove only)
MyTube Recorder
Norton 360
Norton Security Scan
Norton Security Scan (Symantec Corporation)
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00
PaperPort Image Printer
Picasa 2
PS_AIO_07_B010_SW_Min
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio Easy Media Creator Home
Safari
Scan
ScanSoft PaperPort 11
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Segoe UI
Setting Utility Series
Shop for HP Supplies
Sibelius Scorch Plugin
Skins
Skype™ 4.0
SmartWebPrinting
SolutionCenter
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Plugins
Sony Video Shared Library
Spelling Dictionaries Support For Adobe Reader 8
Status
Synaptics Pointing Device Driver
Systemsteuerung "MobileMe"
TeamViewer 5
Toolbox
TrayApp
TweetDeck
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VAIO Camera Capture Utility
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Launcher
Vaio Marketing Tools
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.1
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Setting
VAIO Power Management
VAIO Update 3
VAIO Wallpaper Contents
Virtual Villagers (remove only)
VLC media player 0.9.8a
WebReg
WIDCOMM Bluetooth Software 6.1.0.2200
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinDVD for VAIO
Wireless Switch Setting Utility
XMedia Recode 3.0.4.9
.
==== End Of File ===========================

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-02-06 22:56:07
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1637GSX rev.DL030G
Running: rn7wzg67.exe; Driver: C:\Users\Mira\AppData\Local\Temp\kxldypow.sys


---- System - GMER 1.0.15 ----

SSDT 88EF29EE ZwCreateSection
SSDT 88EF29F8 ZwRequestWaitReplyPort
SSDT 88EF29F3 ZwSetContextThread
SSDT 88EF29FD ZwSetSecurityObject
SSDT 88EF2A02 ZwSystemDebugControl
SSDT 88EF298F ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 215 820BD998 4 Bytes [EE, 29, EF, 88]
.text ntkrnlpa.exe!KeSetEvent + 539 820BDCBC 4 Bytes [F8, 29, EF, 88]
.text ntkrnlpa.exe!KeSetEvent + 56D 820BDCF0 4 Bytes [F3, 29, EF, 88]
.text ntkrnlpa.exe!KeSetEvent + 5D1 820BDD54 4 Bytes [FD, 29, EF, 88]
.text ntkrnlpa.exe!KeSetEvent + 619 820BDD9C 4 Bytes [02, 2A, EF, 88]
.text ...
? C:\Users\Mira\AppData\Local\Temp\mbr.sys Das System kann die angegebene Datei nicht finden. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bfb57dbfa
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e3da0a054
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e3da0a054@001e4557b8ec 0xA9 0x5D 0x83 0x5F ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001bfb57dbfa (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e3da0a054 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e3da0a054@001e4557b8ec 0xA9 0x5D 0x83 0x5F ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@LogName C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy83.gthr

---- EOF - GMER 1.0.15 ----


Mir sagt das alles jetzt garnichts... und das wäre total lieb, wenn ihr da mal drüber schauen könntet, ob das jetzt wohl in Ordnung ist, oder nicht.

Solange ich nicht mit dem Internet verbunden bin läuft soweit alles, ich traue mich halt nur nicht die Verbindung wieder einzuschalten, weil ich Angst habe, dass vll. irgentwelche Daten verloren gehen oder so.

Also, schon einmal Danke im Vorraus für eure Zeit
Mira

Alt 07.02.2012, 08:24   #2
kira
/// Helfer-Team
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Du hast deinen Rechner mit zwei Anti-Viren-Programmen generell `geschwächt`:
Zitat:
Avira + Norton
Wichtig:
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Mehr AV Programme bedeutet nicht mehr Sicherheit!Die Scanner behindern sich gegenseitig (bei beiden den On-Access Scan aktiviert bzw laufen ständig im Hintergrund) und ein Systemcrash kann die Folge sein oder im schlechtesten fall, kannst Du über eine komplette Neuinstallation freuen! Deinstalliere also eines der AV-Programme und lass nur noch eins auf deinem PC laufen.
Zitat:
►Bevor du ein anderes Antivirenprogramm installierst solltest du auf jeden Fall das vorherige vollständig deinstallieren!
Je nachdem, wie Du Dich entscheidest:

► Removal Tool für Avira:-> http://www.avira.com/de/support-for-...etail/kbid/135
► für Norton:-> Das Norton-Entfernungsprogramm verwendet?:-> http://service1.symantec.com/support...50412095959924

2.
Messenger Plus! Live:
Zur Kategorie des Unsicheren gehört! Hast Du während der Installation der von Programm "zusätzlich" angebotenen Software abgewählt (etwa wie Sponsorprogramm etc)? Nämlich da neben der eigentlichen Software auch Adware -Programm wird (mit)installiert
Wenn du unbedingt möchtest (nicht empfohlen, da es absolut nicht nötig ist und dein MSN davon nicht betroffen), kannst du nochmal installieren, aber alles genau durchlesen, und Partnerprogrammen, Sponsoren etc möglichst abwählen![/b][/size][/quote]
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
es ist besser ein Spy- und Adware freies Messenger Tool einzusetzen - wie Trillian,kann man in der Basisversion von Trillian die Instant Messenger ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) und IRC vereinen) oder Miranda ),kannst du nochmal installieren,aber alles genau durchlesen, und Partnerprogrammen,Sponsoren etc musst du abwählen!

3.
Systemscan mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop.
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.


  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

4.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
gruß
kira
__________________

__________________

Alt 07.02.2012, 19:53   #3
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Hallo Kira,
danke für die schnelle Antwort.

Zu 1. Ich habe jetzt Norton gelöscht,das hat auch alles funktioniert.

Zu 2. Ich verstehe aber leider nicht so richtig, wie du das mit dem Messenger Plus meinst. Soll ich da irgentetwas löschen? Und wenn ja, wo finde ich das?

Zu 3. und 4. Die Dateien waren zu groß für den Post, ich hoffe das klappt jetzt gleich, dass in den Anhang zu packen

Ich hoffe das hilft
Mira
__________________

Alt 08.02.2012, 06:52   #4
kira
/// Helfer-Team
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Zitat:
Zitat von Mira C Beitrag anzeigen

Zu 2. Ich verstehe aber leider nicht so richtig, wie du das mit dem Messenger Plus meinst. Soll ich da irgentetwas löschen? Und wenn ja, wo finde ich das?
Zitat:
Hinweis: Während der Installation haben Sie die Möglichkeit, zusätzliche Software mitzuinstallieren. Wir empfehlen jedoch, diese Option abzuwählen.
ob Du das abgewählt hast? am besten deinstallieren, wenn willst erneut installieren...mitlesen und angebotene Toolbar abklicken (Häckhen raus)

1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011.10.02 14:55:48 | 000,000,000 | ---D | M]
[2010.09.07 11:23:00 | 000,000,000 | ---D | M] (FaceMod Dislike Button) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}
[2010.01.17 22:36:13 | 000,002,163 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8g1enzv1.default\searchplugins\bing.xml
[2011.11.01 19:09:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.01 19:09:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O4 - HKLM..\Run: []  File not found
O4 - HKCU..\Run: [Firefox helper] C:\Users\Mira\AppData\Local\Mozilla\Firefox\firefox.exe ()
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a6ec6999-aab4-11de-9f08-001a80cba950}\Shell - "" = AutoRun
O33 - MountPoints2\{a6ec6999-aab4-11de-9f08-001a80cba950}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
[2012.02.07 18:45:58 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.06 23:06:10 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.06 21:25:11 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-207717692-835911922-92235203-1000UA.job
[2012.02.06 21:25:04 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-207717692-835911922-92235203-1000Core.job
[2011.11.15 20:03:59 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\5040
[2010.08.17 13:04:24 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\LimeWire

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A616C522-F715-47B8-9902-7D09843CEF69}" =-
"{E53A8D84-BEF1-4102-B5ED-418A0728B632}" =-

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

2.
ALTE VERSION!!!:
Code:
ATTFilter
Logfile of HijackThis 2.0.2 
         
Die neue Version gibt es hier:
also lösche/deinstalliere HijackThis "2.0.2." und lade Dir erneut von hier TrendMicro™ HijackThis™/Version 2.0.4 herunter

3.
Norton Security Scan
Zwar handelt es sich nicht um eine vollwertige Antiviren-Lösung ("Es treten keine Konflikte mit anderer installierter Sicherheitssoftware auf."), aber Jeder laufende Anwendung belastet das System und kostet Performance bzw kann zu einer erheblichen Systembelastung führen. Außerdem ich halte diese "Zusatzschutz" für den Browser für vollkommen überflüssig

4.
Code:
ATTFilter
LimeWire
         
die Nutzung der von Filesharing (Filesharing (deutsch "Dateifreigabe" oder "gemeinsamer Dateizugriff", wörtlich "Dateien teilen") )- Plattformen ...
Zitat:
Internet-Tauschbörsen gehören leider zu den unseriösesten Anbietern, und dort werden sehr viele Schädlinge verbreitet, hierbei sollte deshalb, wenn überhaupt, nur ganz besonders vorsichtig umgegangen werden ! Laut Studien sind bei den Tauschbörsen bei 45% der zum Download angebotenen Dateien, Viren oder Würmer und sonstige Schädlinge enthalten!
Hinzu kommt noch, dass die meisten Downloads von diesen Tauschbörsen eh illegal sind, und damit die Nutzer verleitet werden, „Straftaten“ zu begehen!
Selbst wenn du glaubst, dass Du ein „sicheres“ P2P Programm verwendest, nicht mal das Programm selbst sicher, da Du wirst Daten von "uncertified Quellen" teilen, und diese werden häufig angesteckt...
Ausserdem nicht nur trojanische Pferde oder andere Virentypen eine direkt Verbindung brauchen, sondern der Verwendung von µtorrent & Co, "telefonieren auch nach Hause", wenn auch noch keine Beweise vorliegen (zumindest teilweise nicht) und solchen Clients erlaubt, würde ich nicht empfehlen!
Solange du solche Programme auf dein PC hast, wirst Du Dich laufend mit etwas Problematik konfrontieren müssen!

5.
Deine Javaversion ist nicht aktuell!
Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen:
→ Systemsteuerung → Software → deinstallieren...
→ Rechner neu aufstarten
→ Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

6.
Adobe Reader aktualisieren :
- Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

7.
reinige dein System mit CCleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

8.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

9.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

10.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

11.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Geändert von kira (08.02.2012 um 07:19 Uhr)

Alt 08.02.2012, 16:17   #5
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Hallo Kira,
Das klingt ziemlich zeitaufwendig... Ich schreibe am Freitag eine wichtige Klausur und da ich meinen Laptop nicht unbedingt sofort brauche, werde ich erst nach der Klausur Zeit dafür finden. Dann schreibe ich aber wieder, was dabei rausgekommen ist.
Also, ich hoffe ich bekomme dann ab Freitag wieder deine Hilfe
Liebe Grüße
Mira


Alt 08.02.2012, 18:27   #6
kira
/// Helfer-Team
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Zitat:
Zitat von Mira C Beitrag anzeigen
... Ich schreibe am Freitag eine wichtige Klausur
Also, ich hoffe ich bekomme dann ab Freitag wieder deine Hilfe
Ich drücke Dir die Daumen!..und natürlich bin ich weiterhin da für dich
__________________
--> Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert

Alt 11.02.2012, 10:01   #7
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Hallo Kira,
So, ich glaube ich habe das jetzt alles gemacht und das hat auch soweit alles funktioniert.

Bis auf die Tatsache, dass ich eigentlich dachte ich hätte limewire längst deinstalliert und gelöscht. Ich habe das auch nirgens in meinem Camputer gefunden... Also, ich habe noch einen Ordner, der so heißt, aber das sollte doch eigentlich egal sein, oder? Also, da konnte ich jedenfalls nichts löschen, weil ich das nicht gefunden habe.

Bei dem Anitspyware programm bin ich mir auch nicht 100% sicher, ob ich das alles richtig gemacht habe, weil das Programm ein bisschen anders aufgebaut war und ich die angewiesenen Knöpfe nicht gefunden habe...

Naja, hier sind die Logfiles, die so ausgespuckt wurden:
OTL:
Code:
ATTFilter
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Bing" removed from browser.search.defaultenginename
Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from browser.search.defaulturl
Prefs.js: "hxxp://www.facebook.com/" removed from browser.startup.homepage
Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox not found.
C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}\defaults\preferences folder moved successfully.
C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}\defaults folder moved successfully.
C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}\content folder moved successfully.
C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7} folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8g1enzv1.default\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Firefox helper deleted successfully.
C:\Users\Mira\AppData\Local\Mozilla\Firefox\firefox.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6ec6999-aab4-11de-9f08-001a80cba950}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6ec6999-aab4-11de-9f08-001a80cba950}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6ec6999-aab4-11de-9f08-001a80cba950}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6ec6999-aab4-11de-9f08-001a80cba950}\ not found.
File H:\LaunchU3.exe -a not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-207717692-835911922-92235203-1000UA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-207717692-835911922-92235203-1000Core.job moved successfully.
C:\Users\Mira\AppData\Roaming\5040\components folder moved successfully.
C:\Users\Mira\AppData\Roaming\5040 folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\xml\data folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\xml folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\promotion folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\mozilla-profile\updates\0 folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\mozilla-profile\updates folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\mozilla-profile\extensions folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\mozilla-profile\Cache folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\mozilla-profile folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\certificate folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\res\html folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\res folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\plugins folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\modules folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\greprefs folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\defaults folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\components folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner\chrome folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser\xulrunner folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\browser folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire\.AppSpecialShare folder moved successfully.
C:\Users\Mira\AppData\Roaming\LimeWire folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A616C522-F715-47B8-9902-7D09843CEF69} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A616C522-F715-47B8-9902-7D09843CEF69}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E53A8D84-BEF1-4102-B5ED-418A0728B632} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E53A8D84-BEF1-4102-B5ED-418A0728B632}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 42450 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56702 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mira
->Temp folder emptied: 557382305 bytes
->Temporary Internet Files folder emptied: 101421073 bytes
->Java cache emptied: 1528532 bytes
->FireFox cache emptied: 52424691 bytes
->Apple Safari cache emptied: 20319232 bytes
->Flash cache emptied: 177282 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1921927101 bytes
RecycleBin emptied: 7037720 bytes
 
Total Files Cleaned = 2.539,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02102012_203458

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
Anitspyware:
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/10/2012 at 11:12 PM

Application Version : 5.0.1144

Core Rules Database Version : 8228
Trace Rules Database Version: 6040

Scan type       : Complete Scan
Total Scan Time : 01:28:51

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 839
Memory threats detected   : 0
Registry items scanned    : 36236
Registry threats detected : 0
File items scanned        : 50718
File threats detected     : 3

Adware.Zwangi
	C:\BIG FISH GAMES\UNINSTALL.EXE

Trojan.Agent/Gen-SoftonicDownloader
	C:\USERS\MIRA\DOWNLOADS\SOFTONICDOWNLOADER_FUER_DER-EINRICHTUNGSPLANER.EXE

Trojan.Agent/Gen-Ransom
	C:\_OTL\MOVEDFILES\02102012_203458\C_USERS\MIRA\APPDATA\LOCAL\MOZILLA\FIREFOX\FIREFOX.EXE
         
Da er mir eben gesagt hat, der Post sei zu lang, kommen die OTL Ergebnisse aus dem 2ten scan jetzt in den Anhang.
...die OTL.txt datei ist zu groß für den Anhang... ich versuch das jetzt in einer zweiten Antwort noch mal alleine.


Eigentlich läuft er jetzt auch wieder ganz normal. Dieser Post kommt jetzt von meinem Laptop, heißt, das Internet ist an, und es öffnen sich keine komischen Fenster, die das nicht sollten.
Ich würde also sagen, alles wieder gut.

Was meinst du?
Angehängte Dateien
Dateityp: txt Extras2.Txt (68,8 KB, 170x aufgerufen)

Alt 11.02.2012, 10:03   #8
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Code:
ATTFilter
OTL logfile created on: 11.02.2012 09:34:11 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mira\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,73% Memory free
4,23 Gb Paging File | 3,01 Gb Available in Paging File | 71,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,63 Gb Total Space | 26,04 Gb Free Space | 18,65% Space Free | Partition Type: NTFS
 
Computer Name: MIRA-PC | User Name: Mira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.07 18:30:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
PRC - [2012.02.06 13:53:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.05.14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.02.03 15:37:57 | 000,154,112 | ---- | M] () -- C:\Programme\ImagonShared\DierckeBrowserInterface.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.02.19 08:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.31 13:13:44 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.10.31 09:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007.09.28 21:11:44 | 000,292,128 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2007.09.11 08:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.08.14 20:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007.06.15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.05.31 09:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.11 09:18:44 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.02.11 09:18:44 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.02.10 21:38:36 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012.02.10 21:38:36 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012.02.06 13:53:29 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.01.11 21:20:52 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012.01.11 21:20:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2011.11.25 13:45:26 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.20 17:34:44 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011.10.20 17:32:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011.10.20 16:50:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.20 16:49:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.20 16:49:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.20 16:48:01 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.20 16:47:43 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.02.03 15:37:57 | 000,154,112 | ---- | M] () -- C:\Programme\ImagonShared\DierckeBrowserInterface.exe
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.01.02 12:51:17 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2783.40072__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2783.40300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2783.40029__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2783.40293__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2783.40250__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2783.40064__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2783.40049__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:16 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2783.40327__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:55 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2783.40258__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2783.40334__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2783.40265__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2783.40043__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2783.40257__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2783.40294__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2783.40195__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2783.40098__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2783.40187__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2783.40050__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2783.40278__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2783.40105__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:54 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2783.40092__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2783.40217__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2783.40104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2783.40216__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.01.02 12:50:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.01.02 12:50:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.01.02 12:50:52 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.01.02 12:50:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.01.02 12:50:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.01.02 12:50:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.01.02 12:50:46 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2783.40305_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.01.02 12:50:45 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2783.40037__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.01.02 12:50:45 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2783.40058__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.01.02 12:50:45 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2783.40305__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.01.02 12:50:45 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2783.40314__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.01.02 12:50:45 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2783.40021__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.01.02 12:50:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2783.40312__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2783.40357__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.01.02 12:50:45 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2783.40019__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.01.02 12:50:44 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2783.40022__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.01.02 12:50:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2783.40021__90ba9c70f846762e\APM.Server.dll
MOD - [2008.01.02 12:50:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2783.40020__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.01.02 12:50:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2783.40313__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.01.02 12:50:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.10.19 01:22:14 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.19 17:23:44 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2008.09.14 21:55:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.19 08:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.31 09:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.09.28 21:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.09.20 18:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007.09.11 08:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.06.28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.06.20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007.06.20 15:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007.01.10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.09 19:31:51 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.19 07:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.11.16 01:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.10.29 19:30:30 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.10.19 01:22:07 | 002,930,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.10.17 01:01:59 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.10.17 01:01:59 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.10.16 04:57:24 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.09.19 13:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.09.19 04:29:09 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.09.05 01:02:46 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.05 01:02:11 | 000,084,480 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.08.29 02:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.05.26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2005.06.29 10:21:24 | 000,019,328 | ---- | M] (WideView Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DTV_Loader_2X1.sys -- (DTV_Loader_2X1)
DRV - [2005.06.22 12:55:30 | 000,018,432 | ---- | M] (Computer & Entertainment, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DTV_Capture_2X0.sys -- (DTV_Capture_2X0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 B4 03 F0 85 64 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.5
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mira\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.02 14:54:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011.10.02 14:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.10.20 16:30:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mira\AppData\Roaming\5040
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.06 13:53:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.10 21:13:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.02 14:54:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mira\AppData\Roaming\5040
 
[2009.05.29 02:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Extensions
[2009.05.29 02:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.02.10 20:35:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions
[2010.09.12 09:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.03 15:10:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.02.10 21:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.10 21:10:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8G1ENZV1.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
[2012.02.06 13:53:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.10 21:09:47 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.01 19:09:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.01 19:09:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.01 19:09:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.01 19:09:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DA162A9-CE9B-4C64-94AB-2A788B2C4B85}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50873441-281D-4665-A974-5576DD868D02}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.10 21:37:37 | 000,000,000 | ---D | C] -- C:\Users\Mira\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.10 21:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.10 21:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.10 21:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.10 21:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.02.10 21:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.10 21:10:05 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.10 21:10:05 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.10 21:10:05 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.10 21:10:05 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.02.10 20:57:09 | 000,000,000 | ---D | C] -- C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.02.10 20:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.07 19:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.07 19:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.07 18:49:11 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Mira\Desktop\ccsetup315.exe
[2012.02.07 18:49:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
[2012.02.06 22:08:45 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Mira\Desktop\dds.com
[2012.02.02 22:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.02 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.02 22:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.17 22:16:58 | 000,000,000 | ---D | C] -- C:\Users\Mira\Documents\proxtube_gesperrte_youtube_videos_schauen-1.3.4-fx
[2011.05.31 08:14:39 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2011.05.31 08:14:39 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2011.05.31 08:14:39 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2011.05.31 08:14:39 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2011.05.31 08:14:39 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2011.05.31 08:14:39 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2011.05.31 08:14:39 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2011.05.31 08:14:39 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2011.05.31 08:14:39 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2011.05.31 08:14:38 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2011.05.31 08:14:38 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2011.05.31 08:14:38 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2011.05.31 08:14:38 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2011.05.31 08:14:38 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2011.05.31 08:14:37 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
[1 C:\Users\Mira\AppData\Roaming\*.tmp files -> C:\Users\Mira\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.11 09:15:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 09:15:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 09:15:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 09:14:56 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.11 00:00:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.10 21:35:37 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.10 21:29:23 | 000,140,824 | ---- | M] () -- C:\Users\Mira\Documents\cc_20120210_212853.reg
[2012.02.10 21:09:46 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.10 21:09:46 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.10 21:09:46 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.10 21:09:46 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 20:57:09 | 000,001,946 | ---- | M] () -- C:\Users\Mira\Desktop\HiJackThis.lnk
[2012.02.07 19:01:23 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 18:43:22 | 000,637,080 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.07 18:43:22 | 000,603,042 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.07 18:43:22 | 000,129,814 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.07 18:43:22 | 000,106,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.07 18:31:08 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Mira\Desktop\ccsetup315.exe
[2012.02.07 18:30:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
[2012.02.07 18:29:56 | 000,928,216 | ---- | M] () -- C:\Users\Mira\Desktop\Norton_Removal_Tool.exe
[2012.02.06 22:18:24 | 000,302,592 | ---- | M] () -- C:\Users\Mira\Desktop\rn7wzg67.exe
[2012.02.06 22:07:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Mira\Desktop\dds.com
[2012.02.06 22:05:48 | 000,000,000 | ---- | M] () -- C:\Users\Mira\defogger_reenable
[2012.02.06 22:00:24 | 000,050,477 | ---- | M] () -- C:\Users\Mira\Desktop\Defogger.exe
[2012.02.06 15:01:46 | 000,075,214 | ---- | M] () -- C:\Users\Mira\Desktop\vondirueberdichneben.pdf
[2012.02.02 22:59:07 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Users\Mira\AppData\Roaming\*.tmp files -> C:\Users\Mira\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.10 21:35:37 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.10 21:28:59 | 000,140,824 | ---- | C] () -- C:\Users\Mira\Documents\cc_20120210_212853.reg
[2012.02.10 20:57:09 | 000,001,946 | ---- | C] () -- C:\Users\Mira\Desktop\HiJackThis.lnk
[2012.02.07 19:01:23 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 18:49:01 | 000,928,216 | ---- | C] () -- C:\Users\Mira\Desktop\Norton_Removal_Tool.exe
[2012.02.06 22:19:25 | 000,302,592 | ---- | C] () -- C:\Users\Mira\Desktop\rn7wzg67.exe
[2012.02.06 22:05:48 | 000,000,000 | ---- | C] () -- C:\Users\Mira\defogger_reenable
[2012.02.06 22:04:59 | 000,050,477 | ---- | C] () -- C:\Users\Mira\Desktop\Defogger.exe
[2012.02.06 18:02:56 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.06 15:01:45 | 000,075,214 | ---- | C] () -- C:\Users\Mira\Desktop\vondirueberdichneben.pdf
[2012.02.02 22:59:07 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.15 20:03:48 | 000,000,090 | ---- | C] () -- C:\Users\Mira\AppData\Roaming\blckdom.res
[2011.11.09 22:55:01 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.10.02 14:41:22 | 000,192,754 | ---- | C] () -- C:\Windows\hpoins51.dat
[2011.09.08 22:40:01 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.09.08 21:58:03 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2011.05.31 08:24:08 | 000,000,249 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.05.31 08:14:40 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2011.05.31 08:14:39 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2011.05.23 14:53:29 | 000,946,550 | ---- | C] () -- C:\Windows\Diercke Globus Online Uninstaller.exe
[2010.05.28 05:42:01 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat
[2010.05.07 05:55:41 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2009.08.18 23:15:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.18 23:15:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.04.04 20:30:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.02.26 01:41:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.12.27 23:54:54 | 006,320,872 | ---- | C] () -- C:\Program Files\npsibelius.dll
[2008.09.14 21:50:01 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.08.22 08:33:31 | 000,091,497 | ---- | C] () -- C:\Windows\hpiins01.dat.temp
[2008.08.22 08:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\hpimdl01.dat.temp
[2008.08.22 08:27:54 | 000,091,497 | ---- | C] () -- C:\Windows\hpiins01.dat
[2008.08.22 08:27:54 | 000,000,000 | ---- | C] () -- C:\Windows\hpimdl01.dat
[2008.07.23 17:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.07.23 17:46:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.06.29 15:14:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.06.28 22:04:59 | 000,089,088 | ---- | C] () -- C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.28 22:04:59 | 000,001,356 | ---- | C] () -- C:\Users\Mira\AppData\Local\d3d9caps.dat
[2008.01.02 13:01:58 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.01.02 12:41:00 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008.01.02 12:39:57 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2007.11.27 00:10:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.11.27 00:10:31 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.11.27 00:10:31 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.11.26 16:32:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.11.26 15:25:25 | 000,000,032 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007.11.26 06:44:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.10.30 10:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2007.02.07 16:57:50 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007.01.22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2006.11.02 16:33:31 | 000,637,080 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,129,814 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,395,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,603,042 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,106,858 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.05 11:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2005.09.13 15:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2005.09.13 15:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011.06.20 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Audacity
[2010.07.28 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Auslogics
[2009.08.18 19:04:58 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Canon
[2011.05.23 15:31:06 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Diercke Globus Online
[2009.09.26 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Dropbox
[2008.07.16 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Engelmann Media
[2009.05.18 02:45:46 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\InterVideo
[2011.11.15 20:03:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\kock
[2010.09.21 21:49:10 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TeamViewer
[2010.08.15 21:05:25 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011.09.09 00:15:05 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Windows Live Writer
[2010.12.08 14:29:13 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\XMedia Recode
[2011.11.15 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\xmldm
[2012.02.11 00:00:20 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
so, da ist die OTL datei

Alt 12.02.2012, 11:52   #9
kira
/// Helfer-Team
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
[2011.11.15 20:03:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\kock
[2011.11.15 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\xmldm

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

2.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
  • - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
    - starte gmer.exe
    - [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
    - bitte nichts am Pc machen während der Scan läuft!
    - klicke auf "Scan", um das Tool zu starten
    - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
    - mit "Ok" wird GMER beendet.
    - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
Anleitung:-> GMER - Rootkit Scanner

3.
Kontrolle mit MBR -t, ob Master Boot Record in Ordnung ist (MBR-Rootkit)

Mit dem folgenden Tool prüfen wir, ob sich etwas Schädliches im Master Boot Record eingenistet hat.
  • Downloade die MBR.exe von Gmer und
    kopiere die Datei mbr.exe in den Ordner C:\Windows\system32.
    Falls Du den Ordner nicht sehen kannst, diese Einstellungen in den Ordneroptionen vornehmen.
  • Start => ausführen => cmd (da reinschreiben) => OK
    es öffnet sich eine Eingabeaufforderung.

    Vista- und Windows 7-User: Start => Alle Programme => Zubehör => Rechtsklick auf Eingabeaufforderung und wähle Als Administrator ausführen.
  • Nach dem Prompt (>_) folgenden

    aus der Codebox manuell eingeben oder alternativ den mit STRG + C ins Clipboard kopieren und einfügen.
    Einfügen in der Eingabeaufforderung: in der Titelleiste einen Rechtsklick machen => Bearbeiten => einfügen.

    Code:
    ATTFilter
    mbr.exe -t > C:\mbr.log & C:\mbr.log
             
    (Enter drücken)
  • Nach kurzer Zeit wird sich Dein Editor öffnen und die Datei C:\mbr.log beinhalten.
    Bitte kopiere den Inhalt hier in Deinen Thread.

4.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 15.02.2012, 15:38   #10
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Sooo...
OTL sagt:
Code:
ATTFilter
All processes killed
========== OTL ==========
C:\Users\Mira\AppData\Roaming\kock folder moved successfully.
C:\Users\Mira\AppData\Roaming\xmldm folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mira
->Temp folder emptied: 1714118 bytes
->Temporary Internet Files folder emptied: 2776366 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 758616989 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1567 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 75163 bytes
RecycleBin emptied: 948332 bytes
 
Total Files Cleaned = 729,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02152012_152654

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
Der Rest kommt gleich

Alt 15.02.2012, 15:44   #11
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Das GMER Programm fing erst an zu laufen, hat sich dann aber mit einer Fehlermeldung aufgehängt...

Alt 15.02.2012, 15:52   #12
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Die mbr.log Datei war leer. Also, es hat sich ein Fenster geöffnet, aber da wa r kein Text drin.

Alt 15.02.2012, 16:06   #13
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



Und OTL beim Scan sagt:

Code:
ATTFilter
OTL logfile created on: 15.02.2012 15:59:59 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mira\Desktop\pc kaputt
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,65% Memory free
4,23 Gb Paging File | 2,94 Gb Available in Paging File | 69,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,63 Gb Total Space | 25,84 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
 
Computer Name: MIRA-PC | User Name: Mira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.11 15:57:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.02.07 18:30:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\pc kaputt\OTL.exe
PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.05.14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.02.03 15:37:57 | 000,154,112 | ---- | M] () -- C:\Programme\ImagonShared\DierckeBrowserInterface.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.09.14 21:55:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008.02.19 08:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.31 13:13:44 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.10.31 09:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007.09.28 21:11:44 | 000,292,128 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2007.09.11 08:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.08.14 20:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007.06.15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.05.31 09:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.10.22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.15 15:31:15 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.02.15 15:31:15 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.02.11 15:57:02 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.10 21:38:36 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012.02.10 21:38:36 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012.01.11 21:20:52 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012.01.11 21:20:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2011.10.20 17:34:44 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011.10.20 17:32:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011.10.20 16:50:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.20 16:49:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.20 16:49:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.20 16:48:01 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.20 16:47:43 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.02.03 15:37:57 | 000,154,112 | ---- | M] () -- C:\Programme\ImagonShared\DierckeBrowserInterface.exe
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.01.02 12:51:17 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2783.40072__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2783.40300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2783.40029__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2783.40293__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2783.40250__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2783.40064__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.01.02 12:51:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2783.40049__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.01.02 12:51:16 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2783.40327__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:55 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2783.40258__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2783.40334__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2783.40265__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2783.40043__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2783.40257__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2783.40294__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2783.40195__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2783.40098__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2783.40187__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2783.40050__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2783.40278__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2783.40105__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.01.02 12:50:54 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2783.40092__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2783.40217__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.01.02 12:50:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2783.40104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2783.40216__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.01.02 12:50:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.01.02 12:50:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.01.02 12:50:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.01.02 12:50:53 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.01.02 12:50:52 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.01.02 12:50:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.01.02 12:50:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.01.02 12:50:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.01.02 12:50:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.01.02 12:50:46 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2783.40305_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.01.02 12:50:45 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2783.40037__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.01.02 12:50:45 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2783.40058__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.01.02 12:50:45 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2783.40305__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.01.02 12:50:45 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2783.40314__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.01.02 12:50:45 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2783.40021__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.01.02 12:50:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2783.40312__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2783.40357__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.01.02 12:50:45 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.01.02 12:50:45 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2783.40019__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.01.02 12:50:44 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2783.40022__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.01.02 12:50:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2783.40021__90ba9c70f846762e\APM.Server.dll
MOD - [2008.01.02 12:50:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2783.40020__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.01.02 12:50:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2783.40313__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.01.02 12:50:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.10.19 01:22:14 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.19 17:23:44 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2008.09.14 21:55:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.19 08:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.31 09:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.09.28 21:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.09.20 18:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007.09.11 08:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.08.14 20:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.06.28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.06.20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007.06.20 15:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007.01.10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.02.15 15:23:38 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.19 07:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.11.16 01:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.10.29 19:30:30 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.10.19 01:22:07 | 002,930,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.10.17 01:01:59 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.10.17 01:01:59 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.10.16 04:57:24 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.09.19 13:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.09.19 04:29:09 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.09.05 01:02:46 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.05 01:02:11 | 000,084,480 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.08.29 02:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.05.26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2005.06.29 10:21:24 | 000,019,328 | ---- | M] (WideView Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DTV_Loader_2X1.sys -- (DTV_Loader_2X1)
DRV - [2005.06.22 12:55:30 | 000,018,432 | ---- | M] (Computer & Entertainment, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DTV_Capture_2X0.sys -- (DTV_Capture_2X0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 B4 03 F0 85 64 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.5
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mira\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.02 14:54:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011.10.02 14:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.10.20 16:30:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mira\AppData\Roaming\5040
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.11 15:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.12 12:57:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.02 14:54:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Mira\AppData\Roaming\5040
 
[2009.05.29 02:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Extensions
[2009.05.29 02:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.02.10 20:35:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions
[2010.09.12 09:54:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.03 15:10:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mira\AppData\Roaming\mozilla\Firefox\Profiles\8g1enzv1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.02.11 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8G1ENZV1.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
[2012.02.11 15:57:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.10 21:09:47 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.01 19:09:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.01 19:09:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.01 19:09:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.01 19:09:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DA162A9-CE9B-4C64-94AB-2A788B2C4B85}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50873441-281D-4665-A974-5576DD868D02}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.12 13:02:16 | 000,000,000 | ---D | C] -- C:\Users\Mira\Documents\Updater5
[2012.02.11 10:42:25 | 000,000,000 | ---D | C] -- C:\Users\Mira\Desktop\pc kaputt
[2012.02.10 21:37:37 | 000,000,000 | ---D | C] -- C:\Users\Mira\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.10 21:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.10 21:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.10 21:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.10 21:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.02.10 21:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.10 21:10:05 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.10 21:10:05 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.10 21:10:05 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.10 21:10:05 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.02.10 20:57:09 | 000,000,000 | ---D | C] -- C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.02.10 20:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.07 19:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.07 19:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.02 22:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.02 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.02 22:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.17 22:16:58 | 000,000,000 | ---D | C] -- C:\Users\Mira\Documents\proxtube_gesperrte_youtube_videos_schauen-1.3.4-fx
[2011.05.31 08:14:39 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2011.05.31 08:14:39 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2011.05.31 08:14:39 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2011.05.31 08:14:39 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2011.05.31 08:14:39 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2011.05.31 08:14:39 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2011.05.31 08:14:39 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2011.05.31 08:14:39 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2011.05.31 08:14:39 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2011.05.31 08:14:38 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2011.05.31 08:14:38 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2011.05.31 08:14:38 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2011.05.31 08:14:38 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2011.05.31 08:14:38 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2011.05.31 08:14:37 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
[1 C:\Users\Mira\AppData\Roaming\*.tmp files -> C:\Users\Mira\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.15 15:29:03 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.15 15:29:03 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.15 15:28:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.15 15:28:49 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.15 15:27:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.15 15:23:38 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.02.13 14:19:58 | 000,397,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.12 12:57:05 | 000,001,964 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2012.02.12 12:57:05 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 8 Standard.lnk
[2012.02.12 12:57:05 | 000,001,808 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2012.02.10 21:29:23 | 000,140,824 | ---- | M] () -- C:\Users\Mira\Documents\cc_20120210_212853.reg
[2012.02.10 21:09:46 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.10 21:09:46 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.10 21:09:46 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.10 21:09:46 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.07 18:43:22 | 000,637,080 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.07 18:43:22 | 000,603,042 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.07 18:43:22 | 000,129,814 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.07 18:43:22 | 000,106,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.06 22:05:48 | 000,000,000 | ---- | M] () -- C:\Users\Mira\defogger_reenable
[2012.02.06 15:01:46 | 000,075,214 | ---- | M] () -- C:\Users\Mira\Desktop\vondirueberdichneben.pdf
[2012.02.02 22:59:07 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Users\Mira\AppData\Roaming\*.tmp files -> C:\Users\Mira\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.12 12:57:05 | 000,001,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2012.02.12 12:57:05 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 8 Standard.lnk
[2012.02.12 12:57:05 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Standard.lnk
[2012.02.12 12:57:05 | 000,001,812 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
[2012.02.12 12:57:05 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2012.02.10 21:28:59 | 000,140,824 | ---- | C] () -- C:\Users\Mira\Documents\cc_20120210_212853.reg
[2012.02.06 22:05:48 | 000,000,000 | ---- | C] () -- C:\Users\Mira\defogger_reenable
[2012.02.06 18:02:56 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.06 15:01:45 | 000,075,214 | ---- | C] () -- C:\Users\Mira\Desktop\vondirueberdichneben.pdf
[2012.02.02 22:59:07 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.15 20:03:48 | 000,000,090 | ---- | C] () -- C:\Users\Mira\AppData\Roaming\blckdom.res
[2011.11.09 22:55:01 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.10.02 14:41:22 | 000,192,754 | ---- | C] () -- C:\Windows\hpoins51.dat
[2011.09.08 22:40:01 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.09.08 21:58:03 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2011.05.31 08:24:08 | 000,000,249 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.05.31 08:14:40 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2011.05.31 08:14:39 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2011.05.23 14:53:29 | 000,946,550 | ---- | C] () -- C:\Windows\Diercke Globus Online Uninstaller.exe
[2010.05.28 05:42:01 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat
[2010.05.07 05:55:41 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2009.08.18 23:15:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.18 23:15:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.04.04 20:30:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.02.26 01:41:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.12.27 23:54:54 | 006,320,872 | ---- | C] () -- C:\Program Files\npsibelius.dll
[2008.09.14 21:50:01 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.08.22 08:33:31 | 000,091,497 | ---- | C] () -- C:\Windows\hpiins01.dat.temp
[2008.08.22 08:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\hpimdl01.dat.temp
[2008.08.22 08:27:54 | 000,091,497 | ---- | C] () -- C:\Windows\hpiins01.dat
[2008.08.22 08:27:54 | 000,000,000 | ---- | C] () -- C:\Windows\hpimdl01.dat
[2008.07.23 17:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.07.23 17:46:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.06.29 15:14:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.06.28 22:04:59 | 000,089,088 | ---- | C] () -- C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.28 22:04:59 | 000,001,356 | ---- | C] () -- C:\Users\Mira\AppData\Local\d3d9caps.dat
[2008.01.02 13:01:58 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.01.02 12:41:00 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008.01.02 12:39:57 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2007.11.27 00:10:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.11.27 00:10:31 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.11.27 00:10:31 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.11.26 16:32:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.11.26 15:25:25 | 000,000,032 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007.11.26 06:44:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.10.30 10:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2007.02.07 16:57:50 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007.01.22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2006.11.02 16:33:31 | 000,637,080 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,129,814 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,397,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,603,042 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,106,858 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.05 11:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2005.09.13 15:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2005.09.13 15:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011.06.20 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Audacity
[2010.07.28 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Auslogics
[2009.08.18 19:04:58 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Canon
[2011.05.23 15:31:06 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Diercke Globus Online
[2009.09.26 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Dropbox
[2008.07.16 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Engelmann Media
[2009.05.18 02:45:46 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\InterVideo
[2010.09.21 21:49:10 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TeamViewer
[2010.08.15 21:05:25 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011.09.09 00:15:05 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Windows Live Writer
[2010.12.08 14:29:13 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\XMedia Recode
[2012.02.15 15:27:59 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

Alt 15.02.2012, 16:07   #14
Mira C
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



und

Code:
ATTFilter
OTL Extras logfile created on: 15.02.2012 15:59:59 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mira\Desktop\pc kaputt
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,65% Memory free
4,23 Gb Paging File | 2,94 Gb Available in Paging File | 69,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,63 Gb Total Space | 25,84 Gb Free Space | 18,50% Space Free | Partition Type: NTFS
 
Computer Name: MIRA-PC | User Name: Mira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1280C1DC-CB21-4D28-B340-224BD4E3A5EB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7982CD13-25FA-4EE9-A665-A10A740D305E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{7EFDD1B3-04AA-4952-9F1E-8FED7F94A69F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FB97528F-128F-42E8-9B5F-EDA1339742E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A93539-FDC7-4B3A-9E02-6203DDC0E9E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0D50FA62-BDE2-4478-A0BA-A21986A92F66}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{17682DAB-5845-458E-B4DB-0EFE4F5CE6B5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{2EB5E738-72EC-4FAB-A7B9-C877C9656385}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{30A4826B-4A93-4A53-9837-D17E97F77639}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{30C3BBCF-04EA-4330-828C-D05AEB0741EC}" = dir=in | app=c:\users\mira\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{4389A64C-7156-406B-90C4-2DAD22CBA136}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{4640D4F9-8DD4-42B0-9EC0-8EE59B454C5E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{480ACAFF-85B3-46B4-A189-C7AD2AB9C000}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{550FFC9C-E6EF-400A-A4B7-C762B9C14982}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{5AE85AA7-9756-42B7-8E48-FDAD6799E628}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{5FA689DB-D7DF-4C30-8933-5E9D18242BF0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6F5B0187-7DE5-44E8-A009-80472D8FA521}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
"{72DB3E5F-D3F1-4F04-8C37-D76993AEFAD7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
"{75C6030F-42F5-4A43-AAA4-3572A5FBFC62}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{79565B14-811E-43C2-9D4E-4B4B99B4AF56}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
"{90F91756-C519-454F-8CED-402203ED248E}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{959E8DD7-B225-42A9-BCCF-4BB8F2520E02}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{98273960-0E53-496B-A8BC-957DB0DBB4CA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{9ADB3281-FAD8-448D-B185-F4792BF929EC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9B605F5C-06A8-4BA4-B5CC-B3DDC8C889DA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{9D6C3CE8-7B1A-44FE-A8BF-6FF066C581D6}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
"{B07CDFC3-9A52-4324-9BD0-E8FA74A181F2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | 
"{BB961A4B-1000-4BFB-9354-1F114CF8525D}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{BBBFF608-7A5F-4A1B-97FE-9489851F0CEB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{C26D56E5-9643-4F7A-A34C-F17439A94F13}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{C6C3381A-CCED-46BC-90EC-7DF310AA791F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{CC078356-8E1F-48AA-8CE2-F6B606A26007}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{CC82A6B2-E090-4A0C-B6F7-57AF97AEE948}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{D271BE8F-59B4-48D0-8164-3781007356AA}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{E674E10B-7B31-4096-8214-DB337418AFD3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{E69DD7E5-FB5A-4664-86CF-848AC170AED7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{FC72240B-435E-4989-8058-6654E259EC01}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{012048E1-BFFF-682E-8FA2-8325B2B16784}" = TweetDeck
"{017FDD1B-A971-4084-B652-584181002812}" = VAIO Content Metadata Intelligent Analyzing Manager
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D8189EB-8824-AA13-6A45-8201E3353AC8}" = CCC Help German
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14F47992-EF70-16D9-1DD6-8A240073CD82}" = ATI Catalyst Install Manager
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{17F8195F-91B9-35A7-E4B9-6E54C0B7B9B3}" = CCC Help Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EDDE5D9-7455-3159-41BE-1BC8C76B8950}" = CCC Help Spanish
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{248BF282-92C4-4C53-09F4-454E81503277}" = Catalyst Control Center Localization Italian
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29ADBAC3-97C3-1963-0F76-1687F73154D7}" = Catalyst Control Center Localization French
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E0993DB-99D1-3D3D-FDD8-757F7C44BB7F}" = CCC Help French
"{2E2F4CB9-70B3-B6BA-1241-BC53FE5BE5DA}" = Catalyst Control Center Localization Thai
"{31E6A959-22FA-51B9-4E5A-1E2D2C0C8F1E}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{356181AD-C50C-394F-20D8-C6CB0A961589}" = Catalyst Control Center Localization Portuguese
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4203C377-8F5B-4B3C-9096-6FC7C2CB9BC5}" = VAIO Content Metadata XML Interface Library
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46376BAF-996E-410E-82B2-5D9E61820E6D}" = Moorhuhn Kart 3
"{46B9C26B-4370-C68D-1743-4F13AC12B4CD}" = CCC Help Turkish
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{495B3F8D-06AA-216A-6159-C9EABA6B7D8E}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A074D34-1F3D-B98F-CFF9-B2794DA33871}" = Catalyst Control Center Localization Danish
"{4A790D47-EBBF-659B-96BD-46AF5D69730B}" = Catalyst Control Center Localization Chinese Traditional
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FE475AA-C4CC-115A-1422-5DFB86FC806D}" = Catalyst Control Center Localization Hungarian
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{505522F8-9BAF-4CB4-8767-EE074BB0ECE1}" = PS_AIO_07_B010_SW_Min
"{5463642B-44B3-34D3-E64E-0ACAA949BB5A}" = CCC Help Finnish
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56345504-DE57-4528-A18B-A567D1E52928}" = ArcSoft Magic-i Visual Effects
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{57A3A36F-626E-8848-D9E0-41FCDC92FECA}" = CCC Help Portuguese
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{6788581C-ECDA-326B-EE71-F9BE4635355F}" = Catalyst Control Center Localization Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CE464DB-CD52-F4F9-FB58-BC934702A499}" = CCC Help Japanese
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Systemsteuerung "MobileMe"
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7193B0D6-65E4-6FB1-EB23-E9CE6D611BDC}" = CCC Help Czech
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CB64BD2-0FB7-E037-6924-EA2B8BE44E7E}" = CCC Help Greek
"{7F6C2F96-3302-784E-BF0D-65D794E39BC2}" = Catalyst Control Center Localization Norwegian
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81830FEF-866C-4DC0-9435-B6287B1EDD8A}" = HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EA9BEB-AFF7-06C6-60DF-608807EA7DF2}" = Catalyst Control Center Localization German
"{8550D6A8-0DBC-AC89-F12B-71167346845E}" = Catalyst Control Center Localization Dutch
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2224A1-7C5F-170C-74B6-6EEF9F92FCC3}" = CCC Help Norwegian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF46E02-3A99-4469-AE99-EAAE51FE8F9F}" = B010
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96E425D4-2DB1-6B29-0944-7DC78E9EEF81}" = Catalyst Control Center Localization Finnish
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E332EEA-DCFC-424B-E499-0D35FFAD4D76}" = Catalyst Control Center Localization Greek
"{9F165569-C622-3F85-0F90-23CF9B0B7E50}" = Catalyst Control Center Localization Turkish
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A38F2A2D-F9AC-6303-A14D-DD2D77519627}" = Catalyst Control Center Localization Polish
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA346790-8BF2-4826-9E30-18E9BB547663}" = VAIO Content Metadata Manager Setting
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}" = VAIO Content Metadata Intelligent Analyzing Manager
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B07FD2DE-87AB-976B-9E7E-9CD9598D1188}" = CCC Help Italian
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B5E2DF30-1061-4DB4-AF28-08996C8E5680}" = VAIO Content Metadata XML Interface Library
"{B6E9A977-C2C7-4CA0-0001-98605B7C7D3E}" = MyTube Recorder
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74686F4-939E-9D89-2C09-3B0FCB3C2B37}" = Catalyst Control Center Localization Japanese
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFCBC9EC-8ECC-2E8F-85DF-9D02C3B6E8AD}" = CCC Help Thai
"{C1141112-2968-FB36-0DF7-9D61AE6A0DCF}" = CCC Help Chinese Standard
"{C11B0B31-C101-4B56-8BA8-F5113022EF2B}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B56B00-7A33-378D-E64E-E044BE535A46}" = Catalyst Control Center Localization Chinese Standard
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D79FDDB3-D6DD-63CC-BA61-D5406F392979}" = Catalyst Control Center Localization Russian
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{DF02B276-8216-D2FC-1E3D-E6382F8F6D91}" = Catalyst Control Center Localization Swedish
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E40EE28E-1009-B9B3-1E6B-635E878EAFF4}" = CCC Help Danish
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E626EA97-DC4B-B9C2-5120-F826D00623D5}" = Catalyst Control Center Localization Spanish
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ED1273B9-C028-C97D-BBF4-B667AD1644AE}" = CCC Help Dutch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F2D89AED-46DA-3DAF-CE35-BEA81D3CCE4B}" = CCC Help Polish
"{F536B64C-FA0C-AAEE-AE89-E15B12E7C659}" = CCC Help Swedish
"{F5397A82-641F-4643-8200-51D7F0016511}" = Click to Disc
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76F1E24-BFF9-9754-FDB4-595A7DFF8651}" = CCC Help Russian
"{F8ECA4D4-3CB6-3B1C-A20A-884D5744C0FF}" = Catalyst Control Center Localization Czech
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Abenteuer auf dem Reiterhof" = Abenteuer auf dem Reiterhof
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advent 1.6.0.2" = Advent 1.6.0.2
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Diercke Globus Online" = Diercke Globus Online
"DPP" = Canon Utilities Digital Photo Professional 3.4
"dt icon module" = 
"DTV_1.0" = DVB-T USB 2.0 
"EOS USB WIA Driver" = EOS USB WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" = 
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"iLyrics" = iTunes Lyrics Importer
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Lexmark X1100 Series" = Lexmark X1100 Series
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MarketingTools" = Vaio Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"MyCamera" = Canon Utilities MyCamera
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shop for HP Supplies" = Shop for HP Supplies
"Sibelius Scorch Plugin" = Sibelius Scorch Plugin
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" = 
"VAIO_Standard" = 
"Virtual Villagers" = Virtual Villagers (remove only)
"VLC media player" = VLC media player 0.9.8a
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.4.9
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GlasgowComaScale Trainer - Version 1.1" = GlasgowComaScale Trainer - Version 1.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.02.2012 14:07:27 | Computer Name = Mira-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 455507
 
Error - 11.02.2012 14:07:27 | Computer Name = Mira-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 455507
 
Error - 11.02.2012 21:06:08 | Computer Name = Mira-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 12.02.2012 05:36:20 | Computer Name = Mira-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 12.02.2012 15:53:48 | Computer Name = Mira-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 13.02.2012 09:20:22 | Computer Name = Mira-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.02.2012 09:39:31 | Computer Name = Mira-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.02.2012 10:15:55 | Computer Name = Mira-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.02.2012 10:29:16 | Computer Name = Mira-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.02.2012 10:41:55 | Computer Name = Mira-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung x7typ31c.exe, Version 1.0.15.15641, Zeitstempel
 0x4e21f2b1, fehlerhaftes Modul x7typ31c.exe, Version 1.0.15.15641, Zeitstempel 
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676,  Prozess-ID 0x1228, 
Anwendungsstartzeit 01ccebef0b2b6b7d.
 
[ System Events ]
Error - 15.02.2012 09:46:16 | Computer Name = Mira-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 15.02.2012 09:50:25 | Computer Name = Mira-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.02.2012 10:00:25 | Computer Name = Mira-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.02.2012 10:10:25 | Computer Name = Mira-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.02.2012 10:15:30 | Computer Name = Mira-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.02.2012 um 14:39:59 unerwartet heruntergefahren.
 
Error - 15.02.2012 10:16:46 | Computer Name = Mira-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.02.2012 10:17:07 | Computer Name = Mira-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.02.2012 10:26:55 | Computer Name = Mira-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 15.02.2012 10:30:08 | Computer Name = Mira-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 15.02.2012 10:30:32 | Computer Name = Mira-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         

Klingt das alles gut? oder is noch was kaput?

Alt 16.02.2012, 07:51   #15
kira
/// Helfer-Team
 
Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Standard

Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert



sieht auf dem ersten Blick gut aus, aber wir lassen uns nicht so schnell beeindrucken...es folgen noch weitere Prüfungen, ich möchte wie es möglich, um Nummer sicher zu gehen

1.
Windows Defender:
Parallel zu ein AV-Programm nicht Empfehlenswert aktiv laufen lassen, weil dadurch können sich in die Quere kommen. Bitte dich ihn so zu deaktivieren: -> Aktivieren und Deaktivieren von Windows Defender
Windows Defender komplett deaktivieren

Start => Systemsteuerung => Klassische Ansicht => Windows Defender oder
Windows Defender starten (C:\Programme\Windows Defender\MSASCui.exe)

Extras => Optionen => Automatische Überprüfung => Haken bei "Computer automatisch überprüfen" entfernen.
Extras => Optionen => Echtzeitschutz => Haken bei "Echtzeitschutz aktivieren" entfernen.
Extras => Optionen => Administrator => Haken bei "Dieses Programm verwenden" entfernen.

Start => services.msc ins Suchfeld eingeben.
Es öffnet sich das Fenster der Dienste
Doppelklick auf den Dienst "Windows Defender"
Starttyp auf "Manuell" umstellen.
Dienststatus beenden, falls der Dienst noch gestartet ist.
► Nach einem Neustart (falls noch existirt) unter "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart kontrolliere, ob mitläuft?! - ggf Häckhen rausnehmen
► Unter Dienste:
Start -> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" - "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" auswählen

2.
MBR mit aswMBR von Avast prüfen

Lade aswMBR.exe von Avast herunter und speichere das Tool auf deinem Desktop (nicht woanders hin).
XP Benutzer: Doppelklick auf die aswMBR.exe, um das Tool zu starten.
Vista und Windows 7 Benutzer: Rechtsklick auf die aswMBR.exe und Als Administrator starten wählen.
Es wird sich ein Eingabe-Fenster mit einigen Angaben öffnen.

Klicke Scan, um den Suchlauf zu starten.

Wenn der Scan beendet ist, was mit Scan finished sucessfull! gemeldet wird, klicke Save log, um das Logfile zu speichern.
Poste mir den Inhalt von aswASW.log vom Desktop hier in den Thread.

3.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
O4 - HKLM..\Run: []  File not found

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Antwort

Themen zu Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert
achtung!, antivir, avira, bildschirm, blockiert, bonjour, desktop, document, error, excel, exp/cve-2011-3544, firefox, flash player, fontcache, google, home, mozilla, nicht mehr öffnen, outlook 2010, problem, registry, scan, secur, security, software, studio, svchost.exe, symantec, system, taskmanager, updates, usb 2.0, windows, wurde ihr



Ähnliche Themen: Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert


  1. Achtung! Aus Sicherheitsgründen wurde ihr windowssystem blockiert
    Log-Analyse und Auswertung - 16.05.2012 (10)
  2. achtung aus sicherheitsgründen wurde ihr windowssystem blockiert
    Log-Analyse und Auswertung - 12.03.2012 (8)
  3. Achtung Ihr Windowssystem wurde aus Sicherheitsgründen blockiert
    Log-Analyse und Auswertung - 23.02.2012 (25)
  4. Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert
    Log-Analyse und Auswertung - 23.02.2012 (20)
  5. Achtung: Aus Sicherheitsgründen wurde ihr Windowssystem blockiert!
    Log-Analyse und Auswertung - 10.02.2012 (30)
  6. Achtung!Aus Sicherheitsgründen wurde ihr Windowssystem blockiert
    Log-Analyse und Auswertung - 01.02.2012 (41)
  7. Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 30.01.2012 (38)
  8. Achtung: Aus Sicherheitsgründen wurde ihr Windowssystem blockiert ...
    Log-Analyse und Auswertung - 29.01.2012 (9)
  9. Achtung aus Sicherheitsgründen wurde ihr Windowssystem blockiert.
    Log-Analyse und Auswertung - 25.01.2012 (1)
  10. Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert!
    Log-Analyse und Auswertung - 21.01.2012 (3)
  11. Achtung, aus Sicherheitsgründen wurde ihr Windowssystem blockiert...
    Plagegeister aller Art und deren Bekämpfung - 11.01.2012 (15)
  12. Achtung! aus Sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 08.01.2012 (18)
  13. Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert.
    Log-Analyse und Auswertung - 07.01.2012 (19)
  14. Achtung! Aus sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 19.12.2011 (37)
  15. Achtung! Aus sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (4)
  16. Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert
    Log-Analyse und Auswertung - 16.12.2011 (1)
  17. Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert
    Log-Analyse und Auswertung - 12.12.2011 (8)

Zum Thema Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert - Hallo ihr lieben, ich habe folgendes Problem: Als ich vorhin im Internet war öffnete sich auf einmal die oben besagte Fehlermeldung samt der Aufforderung 50 € zu zahlen. Das Bild - Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert...
Archiv
Du betrachtest: Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.