Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Email-Anhang (ZIP) geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.04.2013, 07:06   #1
Bike
 
Email-Anhang (ZIP) geöffnet - Standard

Email-Anhang (ZIP) geöffnet



Hallo an alle Frühaufsteher, habe heute einen Email Anhang (ZIP-Datei) geöffnet, die allerdings leer war. Die Email ist eine von den kursierenden "Fake-Mahnungen" wo angeblich Rechnungen zu bezahlen sind.

Ich bin im Forum auf ein ähnliches Thema gestoßen: http://www.trojaner-board.de/133834-...geoeffnet.html

Nur kann ich mich diesem Thema nicht anschließen, deswegen hab ich ein neues Thema eröffnet. Ich habe bisher den OTL durchlaufen lassen und bin jetzt mit den Logfiles überfordert und weiß nicht ob ich mir einen Trojaner o.ä. auf meinen PC gezogen habe.

Hier die Logfiles:
Code:
ATTFilter
OTL Extras logfile created on: 18.04.2013 07:38:58 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Privat\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 60,96% Memory free
3,85 Gb Paging File | 3,16 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 34,04 Gb Total Space | 19,10 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
Drive D: | 12,03 Gb Total Space | 1,71 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive E: | 40,09 Gb Total Space | 18,93 Gb Free Space | 47,22% Space Free | Partition Type: NTFS
 
Computer Name: HOMEOFFICE | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"20486:UDP" = 20486:UDP:*:Enabled:Enfocus Port
"24654:UDP" = 24654:UDP:*:Enabled:Enfocus Port
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"D:\xampp\mysql\bin\mysqld.exe" = D:\xampp\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()
"D:\xampp\apache\bin\httpd.exe" = D:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Programme\AnySend\AnySendSvc.exe" = C:\Programme\AnySend\AnySendSvc.exe:*:Enabled:AnySend Service
"C:\Programme\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe" = C:\Programme\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Geräteeinrichtung (HP Deskjet 1050 J410 series) -- (Hewlett-Packard Co.)
"D:\skype\Phone\Skype.exe" = D:\skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F8608F-BA6A-4B32-843A-1A568ACD1198}" = VAIO Sea Wallpaper
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C31FFDC-E796-4884-B990-41B9A5B2A647}" = HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.3
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{ABBD2A2E-2424-4078-966F-F319A88D5F21}" = VAIO Starfish Wallpaper
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.0
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 2.1
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = Acronis*True*Image
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D9D2055E-944D-4EF2-8E1E-E52D8C27C160}" = Enfocus PitStop Professional
"{DCD786A9-31EF-4D35-B7CC-EFB8F548AEE2}" = O&O SafeErase
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"desktask" = DeskTask (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.6.0.2
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"InstallShield_{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.3-05-09-14-01" = OpenMG Limited Patch 4.3-05-10-05-01
"phonostarRadioPlayer_is1" = phonostar-Player Version 2.01.5
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"ShockwaveFlash" = Macromedia Flash Player 8
"VLC media player" = VLC media player 2.0.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"xampp" = XAMPP 1.8.1
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"DSite" = Update for Any Send
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.03.2013 08:46:03 | Computer Name = HOMEOFFICE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Acrobat.exe, Version 9.0.0.332, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.03.2013 16:08:13 | Computer Name = HOMEOFFICE | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 outlook.exe, P2 12.0.4518.1014, P3
 ntdll.dll, P4 5.1.2600.2180, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
 
Error - 14.03.2013 10:16:29 | Computer Name = HOMEOFFICE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ps_radio.exe, Version 2.1.5.0, fehlgeschlagenes
 Modul user32.dll, Version 5.1.2600.2622, Fehleradresse 0x0001ee07.
 
Error - 19.03.2013 08:16:37 | Computer Name = HOMEOFFICE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrodist.exe, Version 9.0.0.332, fehlgeschlagenes
 Modul acrodistdll.dll, Version 9.0.0.332, Fehleradresse 0x001ed704.
 
Error - 05.04.2013 07:27:05 | Computer Name = HOMEOFFICE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung PokerStars.exe, Version 6.7.3.7, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 05.04.2013 07:28:50 | Computer Name = HOMEOFFICE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung PokerStars.exe, Version 6.7.3.7, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 05.04.2013 07:34:00 | Computer Name = HOMEOFFICE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung PokerStars.exe, Version 6.7.3.7, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 05.04.2013 07:39:39 | Computer Name = HOMEOFFICE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung PokerStars.exe, Version 6.7.3.7, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 15.04.2013 06:48:46 | Computer Name = HOMEOFFICE | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.36 für die Netzwerkkarte mit der Netzwerkadresse
 00166F655607 wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 15.04.2013 06:49:09 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 16.04.2013 02:53:10 | Computer Name = HOMEOFFICE | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 00166F655607 wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 16.04.2013 02:53:30 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 16.04.2013 04:15:49 | Computer Name = HOMEOFFICE | Source = Windows Update Agent | ID = 16
Description = Verbindung kann nicht hergestellt werden: Die Verbindung mit dem Dienst
 für automatische Updates konnte nicht hergestellt werden, so dass keine Updates
 zum angegebenen Zeitplan übertragen und installiert werden können. Es wird weiterhin
 versucht, eine Verbindung herzustellen.
 
Error - 16.04.2013 07:17:27 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 17.04.2013 02:37:11 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 17.04.2013 07:50:49 | Computer Name = HOMEOFFICE | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.37 für die Netzwerkkarte mit der Netzwerkadresse
 00166F655607 wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 17.04.2013 07:51:11 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 18.04.2013 00:47:54 | Computer Name = HOMEOFFICE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AnySend" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
 
< End of report >
         

Code:
ATTFilter
OTL logfile created on: 18.04.2013 07:38:58 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Privat\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 60,96% Memory free
3,85 Gb Paging File | 3,16 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 34,04 Gb Total Space | 19,10 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
Drive D: | 12,03 Gb Total Space | 1,71 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive E: | 40,09 Gb Total Space | 18,93 Gb Free Space | 47,22% Space Free | Partition Type: NTFS
 
Computer Name: HOMEOFFICE | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\avast\AvastUI.exe (AVAST Software)
PRC - D:\avast\AvastSvc.exe (AVAST Software)
PRC - D:\DeskTask\DeskTask.exe (Carthago Software)
PRC - D:\phonostar\phonostar\ps_timer.exe (phonostar)
PRC - D:\acrobat_9pro\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - D:\acronis\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\avast\defs\13041701\algo.dll ()
MOD - D:\Firefox\mozjs.dll ()
MOD - C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\libcef.dll ()
MOD - C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AnySendService) -- C:\Programme\AnySend\AnySendSVC.exe File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (avast! Antivirus) -- D:\avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- D:\skype\Updater\Updater.exe (Skype Technologies)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (timounter) -- C:\WINDOWS\system32\drivers\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (QV2KUX) -- C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com/de/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
IE - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.2
FF - prefs.js..extensions.enabledAddons: %7Bef62e1ce-d2a4-4cdd-b7ec-92b120366b66%7D:2.7.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\avast\WebRep\FF [2013.03.07 16:35:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: D:\Firefox\components [2013.04.12 13:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: D:\Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Programme\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
 
[2013.03.07 14:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Extensions
[2013.03.25 13:12:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Firefox\Profiles\s0i9zslq.default\extensions
[2013.03.25 13:12:03 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Firefox\Profiles\s0i9zslq.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2013.03.12 16:01:53 | 001,268,546 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Firefox\Profiles\s0i9zslq.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2013.03.11 19:13:03 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Firefox\Profiles\s0i9zslq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.09 19:04:59 | 000,002,140 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Mozilla\Firefox\Profiles\s0i9zslq.default\searchplugins\lycos.xml
[2013.03.07 16:35:46 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\AVAST\WEBREP\FF
 
O1 HOSTS File: ([2013.03.14 16:51:28 | 000,001,296 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127_0_0_1 activate-adobe-com
O1 - Hosts: 127_0_0_1 practivate-adobe-com
O1 - Hosts: 127_0_0_1 ereg-adobe-com
O1 - Hosts: 127_0_0_1 activate-wip3-adobe-com
O1 - Hosts: 127_0_0_1 wip3-adobe-com
O1 - Hosts: 127_0_0_1 3dns-3-adobe-com
O1 - Hosts: 127_0_0_1 3dns-2-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-2-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-3-adobe-com
O1 - Hosts: 127_0_0_1 ereg-wip3-adobe-com
O1 - Hosts: 127_0_0_1 activate-sea-adobe-com
O1 - Hosts: 127_0_0_1 wwis-dubc1-vip60-adobe-com
O1 - Hosts: 127_0_0_1 activate-sjc0-adobe-com
O1 - Hosts: 127_0_0_1 wwis-dubc1-vip60-adobe-com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\adobe_cs_suite\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\adobe_cs_suite\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\acrobat_9pro\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\acrobat_9pro\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AnySend User Interface] C:\Programme\AnySend\AnySendUI.exe File not found
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] D:\avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PrepareYourVAIO] C:\Programme\Sony\Prepare your VAIO\PYVAlert.exe (Sony Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\acronis\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [VAIO Update 2] C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007..\Run: [PhonostarTimer] D:\phonostar\phonostar\ps_timer.exe (phonostar)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DeskTask.lnk = D:\DeskTask\DeskTask.exe (Carthago Software)
O4 - Startup: C:\Dokumente und Einstellungen\Privat\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google-Suche - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Ins Deutsche übersetzen - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\NPJPI150_05.dll (Sun Microsystems, Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1726515508-3722681915-3753517806-1007\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9B491CF-7EEA-4B30-901D-AF6673D30C4C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\VAIO Sea Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Sea Wallpaper TrueColor 1280x800.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.11.21 12:46:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.18 07:36:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe
[2013.04.14 11:28:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Desktop\gofewo-2-11-4
[2013.04.11 20:41:54 | 000,000,000 | ---D | C] -- C:\Programme\Dropbox
[2013.04.11 20:39:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Dropbox
[2013.04.10 20:19:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Skype
[2013.04.10 20:19:50 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2013.04.10 20:19:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
[2013.04.08 14:26:37 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Privat\Desktop\Kontoauszug_1006556904_Nr_2013_003_per_2013_03_04-Dateien
[2013.04.08 14:26:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Desktop\Kontoauszug_1006556904_Nr_2013_004_per_2013_04_04-Dateien
[2013.04.06 20:52:04 | 000,076,640 | ---- | C] (MicroHelp, Inc.) -- C:\WINDOWS\System32\MHGAUG32.OCX
[2013.04.06 20:52:04 | 000,038,824 | ---- | C] (MicroHelp Inc.) -- C:\WINDOWS\System32\Mhrun32.dll
[2013.03.27 08:49:47 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\qv2kux.sys
[2013.03.27 08:49:47 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.18 07:40:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2013.04.18 07:36:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe
[2013.04.18 06:51:14 | 000,001,677 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Startmenü\Programme\Autostart\Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk
[2013.04.18 06:49:46 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.04.18 06:49:43 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.04.18 06:49:38 | 002,257,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.18 06:47:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.18 06:47:33 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.17 14:09:10 | 000,115,910 | ---- | M] () -- C:\WINDOWS\ATMREG.ATM
[2013.04.14 18:18:16 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.04.14 18:18:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.04.14 10:14:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.11 20:42:29 | 000,001,045 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Startmenü\Programme\Autostart\Dropbox.lnk
[2013.04.11 19:51:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.04.11 10:16:03 | 001,302,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Desktop\OLFix Outlook-Reperatur.exe
[2013.04.03 11:24:58 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.03 09:45:04 | 000,000,469 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DeskTask.lnk
[2013.03.31 14:31:22 | 000,417,720 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.03.31 14:31:22 | 000,401,418 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.31 14:31:22 | 000,075,126 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.03.31 14:31:22 | 000,061,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.11 20:42:29 | 000,001,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Startmenü\Programme\Autostart\Dropbox.lnk
[2013.04.11 19:51:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.04.11 10:15:56 | 001,302,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Desktop\OLFix Outlook-Reperatur.exe
[2013.04.03 09:45:04 | 000,000,469 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DeskTask.lnk
[2013.04.01 17:07:25 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.15 11:34:34 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ament.ini
[2013.03.07 16:36:07 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.07 16:36:07 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.03.07 12:18:41 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.03.07 12:05:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2013.03.07 12:00:20 | 000,000,057 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2013.03.07 11:56:45 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005.11.21 13:09:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2005.09.03 01:53:21 | 001,484,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004.08.04 14:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.04 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Für eine Antwort bin ich sehr dankbar.

Danke...der Biker

Alt 18.04.2013, 10:38   #2
M-K-D-B
/// TB-Ausbilder
 
Email-Anhang (ZIP) geöffnet - Standard

Email-Anhang (ZIP) geöffnet



Servus,



Aus deiner Logdatei:
Zitat:
O1 - Hosts: 127_0_0_1 activate-adobe-com
O1 - Hosts: 127_0_0_1 practivate-adobe-com
O1 - Hosts: 127_0_0_1 ereg-adobe-com
O1 - Hosts: 127_0_0_1 activate-wip3-adobe-com
O1 - Hosts: 127_0_0_1 wip3-adobe-com
O1 - Hosts: 127_0_0_1 3dns-3-adobe-com
O1 - Hosts: 127_0_0_1 3dns-2-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-2-adobe-com
O1 - Hosts: 127_0_0_1 adobe-dns-3-adobe-com
O1 - Hosts: 127_0_0_1 ereg-wip3-adobe-com
O1 - Hosts: 127_0_0_1 activate-sea-adobe-com
O1 - Hosts: 127_0_0_1 wwis-dubc1-vip60-adobe-com
O1 - Hosts: 127_0_0_1 activate-sjc0-adobe-com
O1 - Hosts: 127_0_0_1 wwis-dubc1-vip60-adobe-com
Die von mir gelisteten Einträge deuten stark darauf hin, dass auf diesem Rechner Software benutzt wird, die nicht legal erworben wurde.

Supportstopp
Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, da wir ein solches Vorgehen nicht unterstützen. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.

Unsere Hilfe beschränkt sich daher nur auf das Neuaufsetzen und Absichern deines Systems.
Fragen dazu beantworten wir dir aber weiterhin gerne und zwar in unserem Forum.
Damit ist das Thema beendet.
__________________

__________________

Antwort

Themen zu Email-Anhang (ZIP) geöffnet
adobe, adobe after effects, aswrvrt.sys, bho, converter, cs4/contributeieplugin.dll, einstellungen, email, email anhang, error, excel, flash player, focus, format, google, helper, home, homepage, hängen, intranet, mozilla, ntdll.dll, pixel, realtek, registry, rundll, scan, security, software, stick, tcp, third party, trojaner, udp, wajam, zip anhang



Ähnliche Themen: Email-Anhang (ZIP) geöffnet


  1. Fake-Email mit Zip Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.06.2015 (21)
  2. DHL-Trojaner-EMail mit PDF-Anhang geöffnet
    Log-Analyse und Auswertung - 17.05.2015 (7)
  3. Email Anhang zip-Datei mit iPhone geöffnet
    Plagegeister aller Art und deren Bekämpfung - 24.01.2015 (5)
  4. A1 Email RTF Datei Anhang mit Word geöffnet
    Plagegeister aller Art und deren Bekämpfung - 15.06.2014 (7)
  5. eMail Anhang geöffnet - Virus auf dem iPhone?
    Smartphone, Tablet & Handy Security - 20.03.2014 (5)
  6. Windows 8.1: Spam Email mit anhang geöffnet !
    Log-Analyse und Auswertung - 22.01.2014 (5)
  7. TR/Matsnu.A.66 im Email Anhang (geöffnet)
    Log-Analyse und Auswertung - 07.10.2013 (19)
  8. MAC OSX 10.7.5 Trojaner.GenericKD. Email-ZIP-Anhang geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 03.10.2013 (3)
  9. verseuchte email mit zip anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (29)
  10. Ominöser Email-Anhang geöffnet
    Log-Analyse und Auswertung - 26.08.2013 (9)
  11. Spam-Email-Anhang (Zip) geöffnet
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (9)
  12. Vermutlich Anhang von verdächtiger Email geöffnet
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (17)
  13. Email-Anhang mit TR/Matsnu.EB.140n geöffnet
    Plagegeister aller Art und deren Bekämpfung - 25.04.2013 (27)
  14. Email Anhang mit TR/Matsnu.EB.132 geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (16)
  15. Groupon Email-Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 17.03.2013 (7)
  16. Email Anhang geöffnet!
    Log-Analyse und Auswertung - 11.03.2013 (44)
  17. Email-Anhang (.zip Datei) geöffnet; Gefälschte Email über Mahngebühren
    Log-Analyse und Auswertung - 25.02.2013 (19)

Zum Thema Email-Anhang (ZIP) geöffnet - Hallo an alle Frühaufsteher, habe heute einen Email Anhang (ZIP-Datei) geöffnet, die allerdings leer war. Die Email ist eine von den kursierenden "Fake-Mahnungen" wo angeblich Rechnungen zu bezahlen sind. Ich - Email-Anhang (ZIP) geöffnet...
Archiv
Du betrachtest: Email-Anhang (ZIP) geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.