
Log analysis and evaluation: GUV trojan with webcam

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

19.07.2014, 17:25   #1
LincHawk
 
GUV trojan with webcam



Hello everyone,

after an infection with the GUV trojan under Windows XP, I have now finally been able to start my computer again using System Restore. I would nevertheless like to post my OTL log and ask for an assessment.

Many thanks for your help!

Code:
OTL logfile created on: 08.11.2013 12:38:07 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\uwe\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1021,48 Mb Total Physical Memory | 524,71 Mb Available Physical Memory | 51,37% Memory free
2,40 Gb Paging File | 1,91 Gb Available in Paging File | 79,77% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 27,95 Gb Total Space | 0,21 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive D: | 27,95 Gb Total Space | 3,06 Gb Free Space | 10,96% Space Free | Partition Type: NTFS
Drive F: | 3,76 Gb Total Space | 0,21 Gb Free Space | 5,48% Space Free | Partition Type: FAT32
 
Computer Name: SONY-VAIO | User Name: uwe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\uwe\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
PRC - C:\Programme\NewSoft\Presto! PVR\URemote.exe (NewSoft)
PRC - C:\Programme\NewSoft\Presto! PVR\Monitor.exe (NewSoft)
PRC - C:\Programme\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
PRC - C:\Programme\Sharp\Sharpdesk\Indexer.exe (SHARP CORPORATION)
PRC - C:\Programme\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Programme\Sharp\Button Manager I\btnman.exe (SHARP CORPORATION)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE (Logitech Inc.)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
PRC - C:\Programme\Trend Micro\Internet Security\tmproxy.exe (Trend Micro Incorporated.)
PRC - C:\Programme\Trend Micro\Internet Security\Tmntsrv.exe (Trend Micro Incorporated.)
PRC - C:\Programme\Trend Micro\Internet Security\PCCPFW.exe (Trend Micro Incorporated.)
PRC - C:\Programme\Trend Micro\Internet Security\pccguide.exe (Trend Micro Incorporated.)
PRC - C:\Programme\Trend Micro\Internet Security\PCClient.exe (Trend Micro Incorporated.)
PRC - C:\Programme\Trend Micro\Internet Security\TMOAgent.exe (Trend Micro Incorporated.)
PRC - C:\Programme\powerpanel\Program\PcfMgr.exe (Phoenix Technologies Ltd.)
PRC - C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
PRC - C:\Programme\sony\HotKey Utility\HKWnd.exe (Sony Corporation)
PRC - C:\Programme\sony\HotKey Utility\HKServ.exe (Sony Corporation)
PRC - C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe (Sony Corporation)
PRC - C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\PL15Co2K.exe (Prolific Technology Inc.)
PRC - C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
PRC - C:\Programme\sony\vaio media music server\SSSvr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
PRC - C:\Programme\Borland\InterBase\bin\ibguard.exe (Inprise Corporation)
PRC - C:\Programme\Borland\InterBase\bin\ibserver.exe (Inprise Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\ICQLite\ICQLiteShell.dll ()
MOD - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\TrackUtils.dll ()
MOD - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\CoreDll.dll ()
MOD - C:\Programme\Logitech\SetPoint\gamehook.dll ()
MOD - C:\Programme\Trend Micro\Internet Security\TmpeUrlF.dll ()
MOD - C:\Programme\Trend Micro\Internet Security\TmpeAspm.dll ()
MOD - C:\Programme\Trend Micro\Internet Security\tmdbg.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\DDCDRES.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
MOD - C:\Programme\sony\vaio media music server\SSSvrRes.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
MOD - C:\Programme\powerpanel\Program\bsntsbs.dll ()
MOD - C:\Programme\powerpanel\Program\Bsacpicm.dll ()
MOD - C:\Programme\powerpanel\Program\PMOptionMsg.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\ezID3.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\ezLICEN1.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (VAIOMediaPlatform-PhotoServer-UPnP) -- C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe File not found
SRV - (VAIOMediaPlatform-PhotoServer-HTTP) -- C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot=Software\Sony Corporation\VAIO Media Platform\2.0 /RegExt=\Applications\PhotoServer\HTTP File not found
SRV - (VAIOMediaPlatform-MusicServer-UPnP) -- C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\UPnPFramework.exe File not found
SRV - (VAIOMediaPlatform-MusicServer-HTTP) -- C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\sv_httpd.exe /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot=Software\Sony Corporation\VAIO Media Platform\2.0 /RegExt=Applications\MusicServer\HTTP File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (getPlusHelper) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (TSMService) -- C:\Programme\TSMSvc.exe (T-Systems Nova, Berkom)
SRV - (tmproxy) -- C:\Programme\Trend Micro\Internet Security\tmproxy.exe (Trend Micro Incorporated.)
SRV - (Tmntsrv) -- C:\Programme\Trend Micro\Internet Security\Tmntsrv.exe (Trend Micro Incorporated.)
SRV - (PccPfw) -- C:\Programme\Trend Micro\Internet Security\PCCPFW.exe (Trend Micro Incorporated.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (VAIOMediaPlatform-PhotoServer-AppServer) -- C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-MusicServer-AppServer) -- C:\Programme\sony\vaio media music server\SSSvr.exe (Sony Corporation)
SRV - (InterBaseGuardian) -- C:\Programme\Borland\InterBase\bin\ibguard.exe (Inprise Corporation)
SRV - (InterBaseServer) -- C:\Programme\Borland\InterBase\bin\ibserver.exe (Inprise Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (SYMIDSCO) -- C:\WINDOWS\System32\Drivers\SYMIDSCO.SYS File not found
DRV - (RTLWUSB) -- System32\DRIVERS\wg111v2.sys File not found
DRV - (PONDIS5) -- C:\WINDOWS\System32\PONDIS5.SYS File not found
DRV - (PfModNT) -- C:\WINDOWS\System32\PfModNT.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCMCIAFVNETR) -- System32\DRIVERS\fvnetr.sys File not found
DRV - (PCIDump) --  File not found
DRV - (M9207) -- System32\DRIVERS\M9207BDA.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (BOVOLUME) -- C:\PROGRA~1\T-DSLB~1\BOVOLUME.SYS File not found
DRV - (BOProtocol) --  File not found
DRV - (BCM43XX) -- System32\DRIVERS\bcmwl5.sys File not found
DRV - (Atndav6dpetr) --  File not found
DRV - (ATMEL FVNETusb (AR) -- System32\DRIVERS\vnetusbr.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\ar5416.sys (Atheros Communications, Inc.)
DRV - (TDDIWAN) -- C:\WINDOWS\system32\drivers\WTDDI.sys (T-Systems Nova GmbH)
DRV - (CBPSp50) -- C:\WINDOWS\system32\drivers\CBPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (tm_cfw) -- C:\WINDOWS\system32\drivers\TM_CFW.sys (Trend Micro Inc.)
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (LUsbKbd) -- C:\WINDOWS\system32\drivers\LUsbKbd.sys (Logitech, Inc.)
DRV - (LHidUsbK) -- C:\WINDOWS\system32\drivers\LHidUsbK.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (Vsapint) -- C:\WINDOWS\system32\drivers\VSAPINT.SYS (Trend Micro Inc.)
DRV - (Tmfilter) -- C:\WINDOWS\system32\drivers\TmXPFlt.sys (Trend Micro Inc.)
DRV - (Tmpreflt) -- C:\WINDOWS\system32\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV - (hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems)
DRV - (Haspnt) -- C:\WINDOWS\system32\drivers\Haspnt.sys (Aladdin Knowledge Systems)
DRV - (vnccom) -- C:\WINDOWS\system32\drivers\vnccom.SYS (RDV Soft)
DRV - (vncdrv) -- C:\WINDOWS\system32\drivers\vncdrv.sys (RDV Soft)
DRV - (BOAdapter) -- C:\WINDOWS\system32\drivers\BOPPPoE.sys (T-Systems Nova GmbH, Berkom Berlin)
DRV - (TNPacket) -- C:\Programme\TNPACKET.SYS (T-Systems Nova GmbH)
DRV - (tmtdi) -- C:\WINDOWS\system32\drivers\tmtdi.sys (Trend Micro Inc.)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (PFMPR5) -- C:\WINDOWS\system32\PFMPR5.sys (Perfigo, Inc.)
DRV - (PFNDIS5) -- C:\WINDOWS\system32\PFNDIS5.sys (Perfigo, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWSIS) -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys (Conexant Systems, Inc.)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHidUsb.sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (SPI) -- C:\WINDOWS\system32\drivers\SonyPI.sys (Sony Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
DRV - (PCANDIS5) -- C:\Programme\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (OlCamudp) -- C:\WINDOWS\system32\drivers\olcamudp.sys (OLYMPUS Optical Co.,Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = about:NavigationFailure
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = about:NavigationFailure
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {D8B85796-C341-46BF-BE47-CEF43AF5FBE0}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&tt=030213_de&babsrc=SP_ss&mntrId=f0490058000000000000080046aa917d
IE - HKCU\..\SearchScopes\{7856B765-852A-4657-B2E1-97A900C63CC3}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{D8B85796-C341-46BF-BE47-CEF43AF5FBE0}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE452
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Programme\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Programme\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Programme\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
 
 
[2013.02.04 17:09:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\uwe\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\uwe\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.02.04 17:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2002.08.29 13:00:00 | 000,000,820 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {28783B66-DBC1-4900-8492-C809ABAEE7AA} - C:\WINDOWS\System32\lhgl.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ  Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe File not found
O4 - HKLM..\Run: [ChangeFilterMerit] C:\Programme\NewSoft\Presto! PVR\ChangeFilterMerit.exe ()
O4 - HKLM..\Run: [Drag'n Drop CD+DVD] C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [HI-SPEED USB DEVICE Coinstaller] C:\WINDOWS\System32\PL15Co2K.exe (Prolific Technology Inc.)
O4 - HKLM..\Run: [HKSERV.EXE] C:\Programme\sony\HotKey Utility\HKServ.exe (Sony Corporation)
O4 - HKLM..\Run: [Indexer] C:\Programme\Sharp\Sharpdesk\Indexer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [IndexTray] C:\Programme\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe" File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [pccguide.exe] C:\Programme\Trend Micro\Internet Security\pccguide.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [PCClient.exe] C:\Programme\Trend Micro\Internet Security\PCClient.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [Presto! PVR Monitor] C:\Programme\NewSoft\Presto! PVR\Monitor.exe (NewSoft)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe File not found
O4 - HKLM..\Run: [SharpTray] C:\Programme\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SigmaTel StacMon] C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TM Outbreak Agent] C:\Programme\Trend Micro\Internet Security\TMOAgent.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME\TomTomHOME.exe" -s File not found
O4 - HKLM..\Run: [TypeRegChecker] C:\Programme\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [URemote] C:\Programme\NewSoft\Presto! PVR\URemote.exe (NewSoft)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Button Manager I.lnk = C:\Programme\Sharp\Button Manager I\btnman.exe (SHARP CORPORATION)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PowerPanel.lnk = C:\Programme\powerpanel\Program\PcfMgr.exe (Phoenix Technologies Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range19 ([*] in Local intranet)
O16 - DPF: {01E54593-BE14-4D6B-9310-37C0145EFE42} file:///E:/CDVIEWER11/CdViewer.cab (AMI DicomDir TreeView Control 1.1)
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} Reg Error: Value error. (dnlplayer Class)
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0653EB37-7D15-4DF6-A1A4-A6A63512F3BA}: NameServer = 195.185.185.195,192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B8C6-7AFD-4E67-ACCE-A9E1573B95ED}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Programme\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O18 - Protocol\Filter\text/html {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll File not found
O18 - Protocol\Filter\text/plain {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.08.01 11:20:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.11.08 12:37:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\uwe\Desktop\OTL.exe
[2013.11.08 12:24:53 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2013.11.08 12:24:38 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.11.08 12:24:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
[2013.11.08 12:24:24 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.11.08 12:24:24 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.11.08 12:24:24 | 000,000,000 | ---D | C] -- C:\Programme\ Malwarebytes Anti-Malware 
[2013.11.08 12:24:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.11.08 11:55:08 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.06.08 13:24:44 | 049,466,264 | ---- | C] (Adobe Systems Incorporated) -- C:\Programme\AdbeRdr1001_de_DE.exe
[2004.07.19 10:04:14 | 000,139,264 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\DSLTest3.dll
[2004.07.15 09:50:12 | 000,872,448 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TDSLTest.exe
[2004.07.14 15:13:40 | 000,090,112 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TSMInst.exe
[2004.07.14 15:01:12 | 000,397,312 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\SpeedMgr.exe
[2004.07.14 15:00:44 | 000,147,456 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\TSMSvc.exe
[2004.07.14 15:00:28 | 000,364,544 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\TSM.dll
[2004.03.11 16:44:26 | 000,009,696 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TNPACKET.SYS
[2003.09.25 13:40:34 | 000,241,664 | ---- | C] (T-Systems Nova) -- C:\Programme\TSMDBand.dll
[2001.03.15 18:55:26 | 000,040,960 | ---- | C] (T-Systems, T-Nova Deutsche Telekom Innovationsgesellschaft mbH, Berkom Berlin) -- C:\Programme\DSLTest.dll
[2000.10.15 17:38:54 | 000,016,068 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\PCANDIS5.SYS
[2000.10.15 17:22:30 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\W32N50.DLL
[2000.10.15 14:44:34 | 000,016,048 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\PCANDIS4.SYS
[40 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.07.19 17:50:20 | 143,880,056 | ---- | M] () -- C:\Dokumente und Einstellungen\uwe\Desktop\avira_free_antivirus_de_464.exe
[2014.07.19 17:47:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\uwe\Desktop\OTL.exe
[2014.05.12 07:26:02 | 000,053,208 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014.05.12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.11.08 12:44:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2013.11.08 12:41:22 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.08 12:24:54 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2013.11.08 12:24:31 | 000,000,753 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.11.08 12:01:24 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.08 12:01:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.08 12:01:12 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.11.08 11:33:17 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0429835.pad
[2013.11.08 11:04:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[40 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.11.08 12:30:51 | 143,880,056 | ---- | C] () -- C:\Dokumente und Einstellungen\uwe\Desktop\avira_free_antivirus_de_464.exe
[2013.11.08 12:24:31 | 000,000,753 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.15 22:29:51 | 000,002,747 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0429835.js
[2013.02.15 22:29:25 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0429835.pad
[2012.06.21 13:59:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.12 20:58:04 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.09.03 12:28:03 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004.07.19 11:25:16 | 000,006,216 | ---- | C] () -- C:\Programme\TDSLSM.INF
[2003.10.09 23:20:27 | 000,093,184 | ---- | C] () -- C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.07.08 14:06:40 | 000,005,408 | ---- | C] () -- C:\Programme\ReConfig.dll
[2002.03.13 14:32:08 | 000,000,896 | ---- | C] () -- C:\Programme\TDSLCh16.dll
[2001.01.26 13:43:20 | 000,002,144 | ---- | C] () -- C:\Programme\PCIDUMPR.SYS
 
========== ZeroAccess Check ==========
 
[2004.09.03 11:13:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

19.07.2014, 19:52   #2
schrauber
/// the machine
/// TB trainer

Please repeat the scan with Scan All Users.

19.07.2014, 21:11   #3
LincHawk

Hello "schrauber",

thank you very much for your help.

Here are the corresponding log files, as requested:

FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-07-2014
Ran by uwe (administrator) on SONY-VAIO on 19-07-2014 16:34:31
Running from C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Inprise Corporation) C:\Programme\Borland\InterBase\bin\ibguard.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Sony Corporation) C:\Programme\sony\vaio media music server\SSSvr.exe
(Sony Corporation) C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe
(Inprise Corporation) C:\Programme\Borland\InterBase\bin\ibserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint\Apoint.exe
() C:\Programme\SigmaTel\C-Major Audio\stacmon.exe
(Primax Electronics Ltd.) C:\WINDOWS\system32\ico.exe
(Sony Corporation) C:\Programme\sony\HotKey Utility\HKServ.exe
(Easy Systems Japan Ltd.) C:\WINDOWS\system32\ezSP_Px.exe
() C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe
(Sony Corporation) C:\Programme\sony\HotKey Utility\HKWnd.exe
(Logitech Inc.) C:\WINDOWS\LOGI_MWX.EXE
(Musicmatch, Inc.) C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\PL15Co2K.exe
(NewSoft) C:\Programme\NewSoft\Presto! PVR\URemote.exe
(NewSoft) C:\Programme\NewSoft\Presto! PVR\Monitor.exe
(Musicmatch Inc.) C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint\ApntEx.exe
(SHARP CORPORATION) C:\Programme\Sharp\Sharpdesk\IndexTray.exe
(SHARP CORPORATION) C:\Programme\Sharp\Sharpdesk\Indexer.exe
(SHARP CORPORATION) C:\Programme\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) C:\Programme\Sharp\Sharpdesk\Indexer.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(SHARP CORPORATION) C:\Programme\Sharp\Button Manager I\btnman.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(Phoenix Technologies Ltd.) C:\Programme\powerpanel\Program\PcfMgr.exe
(WinZip Computing, Inc.) C:\Programme\WinZip\WZQKPICK.EXE
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
(OldTimer Tools) C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)\OTL.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Policies\Explorer: [NoCDBurning] 0
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Button Manager I.lnk
ShortcutTarget: Button Manager I.lnk -> C:\Programme\Sharp\Button Manager I\btnman.exe (SHARP CORPORATION)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PowerPanel.lnk
ShortcutTarget: PowerPanel.lnk -> C:\Programme\powerpanel\Program\PcfMgr.exe (Phoenix Technologies Ltd.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.icq.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
URLSearchHook: HKCU - ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {D8B85796-C341-46BF-BE47-CEF43AF5FBE0} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE452
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {7856B765-852A-4657-B2E1-97A900C63CC3} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKCU - {D8B85796-C341-46BF-BE47-CEF43AF5FBE0} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE452
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {28783B66-DBC1-4900-8492-C809ABAEE7AA} -> C:\WINDOWS\System32\lhgl.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - ICQ  Toolbar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll No File
DPF: {01E54593-BE14-4D6B-9310-37C0145EFE42} file:///E:/CDVIEWER11/CdViewer.cab
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} 
DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Programme\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
Filter: text/html - {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll No File
Filter: text/plain - {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0653EB37-7D15-4DF6-A1A4-A6A63512F3BA}: [NameServer]195.185.185.195,192.168.2.1

FireFox:
========
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 - C:\Programme\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 - C:\Programme\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 - C:\Programme\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 - C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Movie2kDownloader - C:\Dokumente und Einstellungen\uwe\Anwendungsdaten\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2011-10-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-12-31]

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2005-04-03] () [File not signed]
S3 de_serv; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2010-02-19] (NOS Microsystems Ltd.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2012-09-09] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2012-09-09] (Google Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 InterBaseGuardian; C:\Programme\Borland\InterBase\bin\ibguard.exe [22016 2001-01-05] (Inprise Corporation) [File not signed]
R3 InterBaseServer; C:\Programme\Borland\InterBase\bin\ibserver.exe [1701888 2001-01-05] (Inprise Corporation) [File not signed]
R2 Iprip; C:\WINDOWS\System32\iprip.dll [36864 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [153376 2011-10-08] (Sun Microsystems, Inc.)
S3 LPDSVC; C:\WINDOWS\System32\tcpsvcs.exe [19456 2002-08-29] (Microsoft Corporation)
S2 NVSvc; C:\WINDOWS\System32\nvsvc32.exe [65536 2003-05-02] (NVIDIA Corporation) [File not signed]
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S2 PEVSystemStart; C:\ComboFix\SWREG.3XE [518144 2000-08-31] (SteelWerX) [File not signed]
S3 TSMService; C:\Programme\tsmsvc.exe [147456 2004-07-14] (T-Systems Nova, Berkom) [File not signed]
R2 VAIOMediaPlatform-MusicServer-AppServer; C:\Programme\sony\vaio media music server\SSSvr.exe [536648 2003-03-18] (Sony Corporation) [File not signed]
R2 VAIOMediaPlatform-PhotoServer-AppServer; C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe [860160 2003-06-24] (Sony Corporation) [File not signed]
S2 VAIOMediaPlatform-MusicServer-HTTP; "C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP" [X]
S2 VAIOMediaPlatform-MusicServer-UPnP; C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\UPnPFramework.exe [X]
S2 VAIOMediaPlatform-PhotoServer-HTTP; "C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP" [X]
S2 VAIOMediaPlatform-PhotoServer-UPnP; C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2007-09-05] (Meetinghouse Data Communications) [File not signed]
R3 ApfiltrService; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [93700 2003-06-10] (Alps Electric Co., Ltd.) [File not signed]
S3 AR5416; C:\WINDOWS\System32\DRIVERS\ar5416.sys [1002560 2006-06-23] (Atheros Communications, Inc.) [File not signed]
R3 BOAdapter; C:\WINDOWS\System32\DRIVERS\BOPPPoE.sys [39152 2004-06-21] (T-Systems Nova GmbH, Berkom Berlin) [File not signed]
S3 BOProtocol; C:\WINDOWS\System32\DRIVERS [0 2013-11-08] () [File not signed]
S3 CBPSp50; C:\WINDOWS\System32\Drivers\CBPSp50.sys [20096 2005-11-19] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 hardlock; C:\WINDOWS\System32\drivers\hardlock.sys [665600 2004-09-03] (Aladdin Knowledge Systems) [File not signed]
R2 Haspnt; C:\WINDOWS\System32\drivers\Haspnt.sys [47616 2004-09-03] (Aladdin Knowledge Systems) [File not signed]
R3 HSFHWSIS; C:\WINDOWS\System32\DRIVERS\HSFHWSIS.sys [156288 2003-08-01] (Conexant Systems, Inc.)
S3 LEX_AS_NIC_SERVICE_YNOS; C:\WINDOWS\System32\DRIVERS\ExpasAG.sys [323200 2003-07-01] (Atheros Communications, Inc.)
S3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37884 2003-06-30] (Logitech, Inc.)
S3 LHidUsbK; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [36480 2004-12-10] (Logitech, Inc.)
S3 LUsbKbd; C:\WINDOWS\System32\Drivers\LUsbKbd.Sys [15744 2004-12-10] (Logitech, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2013-11-08] (Malwarebytes Corporation)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 OlCamudp; C:\WINDOWS\System32\Drivers\olcamudp.sys [10379 2000-02-09] (OLYMPUS Optical Co.,Ltd.) [File not signed]
S3 PCANDIS5; C:\Programme\PCANDIS5.SYS [16068 2000-10-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 PFMPR5; C:\WINDOWS\System32\PFMPR5.SYS [16896 2003-09-02] (Perfigo, Inc.) [File not signed]
S3 PFNDIS5; C:\WINDOWS\System32\PFNDIS5.SYS [15872 2003-09-02] (Perfigo, Inc.) [File not signed]
R3 SISNIC; C:\WINDOWS\System32\DRIVERS\sisnic.sys [32256 2002-07-10] (SiS Corporation)
R3 SNC; C:\WINDOWS\System32\Drivers\SonyNC.sys [48896 2000-11-09] (Sony Corporation) [File not signed]
R3 SPI; C:\WINDOWS\System32\DRIVERS\SonyPI.sys [71961 2002-08-20] (Sony Corporation) [File not signed]
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [244496 2003-10-09] (SigmaTel, Inc.)
R3 TDDIWAN; C:\WINDOWS\System32\DRIVERS\WTDDI.SYS [162688 2006-01-25] (T-Systems Nova GmbH) [File not signed]
S3 TNPacket; C:\Programme\TNPACKET.SYS [9696 2004-03-11] (T-Systems Nova GmbH) [File not signed]
R2 vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [6016 2004-06-26] (RDV Soft) [File not signed]
R3 vncdrv; C:\WINDOWS\System32\DRIVERS\vncdrv.sys [4736 2004-06-26] (RDV Soft) [File not signed]
S3 ATMEL FVNETusb (AR)(R); System32\DRIVERS\vnetusbr.sys [X]
S3 Atndav6dpetr; No ImagePath
S3 BCM43XX; System32\DRIVERS\bcmwl5.sys [X]
S3 BOVOLUME; \??\C:\PROGRA~1\T-DSLB~1\BOVOLUME.SYS [X]
S4 IntelIde; No ImagePath
S1 M9207; System32\DRIVERS\M9207BDA.sys [X]
S3 PCMCIAFVNETR; System32\DRIVERS\fvnetr.sys [X]
S2 PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys [X]
S3 PONDIS5; \??\C:\WINDOWS\System32\PONDIS5.SYS [X]
S3 RTLWUSB; System32\DRIVERS\wg111v2.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SYMIDSCO; \SystemRoot\System32\Drivers\SYMIDSCO.SYS [X]
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-19 16:29 - 2014-07-19 16:34 - 00000000 ____D () C:\FRST
2014-07-19 16:11 - 2014-07-19 16:11 - 00004631 _____ () C:\Dokumente und Einstellungen\uwe\Desktop\JRT.txt
2014-07-19 16:04 - 2014-07-19 16:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-19 13:17 - 2014-07-19 13:21 - 00000000 ___SD () C:\ComboFix
2014-07-19 13:17 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-19 13:17 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-19 13:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-19 13:17 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe

==================== One Month Modified Files and Folders =======

2014-07-19 16:34 - 2014-07-19 16:29 - 00000000 ____D () C:\FRST
2014-07-19 16:34 - 2013-11-08 14:08 - 00000000 ____D () C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)
2014-07-19 16:34 - 2003-10-11 19:56 - 00000392 _____ () C:\WINDOWS\Tasks\Symantec NetDetect.job
2014-07-19 16:34 - 2003-10-10 00:20 - 00000000 ____D () C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp
2014-07-19 16:25 - 2013-11-08 14:15 - 00000000 ____D () C:\AdwCleaner
2014-07-19 16:24 - 2003-08-01 12:23 - 00032606 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-19 16:11 - 2014-07-19 16:11 - 00004631 _____ () C:\Dokumente und Einstellungen\uwe\Desktop\JRT.txt
2014-07-19 16:06 - 2003-08-01 13:13 - 00000000 ___RD () C:\Programme
2014-07-19 16:05 - 2008-07-19 21:10 - 01648612 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-19 16:04 - 2014-07-19 16:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-19 16:03 - 2012-09-09 07:26 - 00001080 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-19 16:03 - 2003-08-01 13:16 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-07-19 16:03 - 2003-08-01 13:16 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-19 16:03 - 2003-08-01 12:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-19 16:03 - 2003-08-01 11:55 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-19 13:21 - 2014-07-19 13:17 - 00000000 ___SD () C:\ComboFix

Files to move or delete:
====================
C:\Dokumente und Einstellungen\stick\Firefox Setup 3.6.13.exe
C:\Dokumente und Einstellungen\stick\PRINTKEY2000.EXE


Some content of TEMP:
====================
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\AutoRun.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\AutoRunGUI.dll
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\eauninstall.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\FileSystemView.dll
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\ICQInstall.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\ICQRT.dll
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\ICQTIK.dll
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\install_flashplayer11x32ax_gtba_aih.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\InstHelp.dll
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\jre-6u37-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\killti.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\kvn.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\Need For Speed Underground_uninst.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\rtdrvmon.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\setup_wm.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\start.exe
C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-07-2014
Ran by uwe at 2014-07-19 16:35:47
Running from C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.1 - Adobe Systems, Inc.)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Adobe Premiere 6 LE (HKLM\...\Adobe Premiere 6 LE) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.3) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Click to DVD 1.2 (HKLM\...\{7C2F71B2-6C73-11D6-B659-00C04F790F76}) (Version:  - )
C-Major Audio (HKLM\...\{69A0D256-A72C-4C33-9413-E1C0174CA7F4}) (Version:  - )
Delta Chrome Toolbar (HKLM\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.0 - DivX, Inc.)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.5.1 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.6.0 - )
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.0 - DivX,Inc.)
Drag'n Drop CD+DVD (HKLM\...\{DDC146FA-73E0-4FA1-A353-841EA14BF600}) (Version:  - )
DVgate (HKLM\...\{29F61465-428A-11D4-B646-00C04F790F76}) (Version:  - )
FaxTools (HKLM\...\{F45298E5-0083-426F-A668-1A2C5F04B8A0}) (Version: 5.10 - BVRP Software)
Google Earth Plug-in (HKLM\...\{33286280-8617-11E1-8FF6-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Update Helper (Version: 1.3.21.123 - Google Inc.) Hidden
HASP Device Driver (HKLM\...\HASP Device Driver) (Version:  - )
Hi-Speed USB 2.0 Flash Disk Utility (HKLM\...\{B97F3B17-A6DE-404B-8A91-742A7711D454}) (Version:  - )
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
HotKey Utility (HKLM\...\{B36C3DFD-BAB0-4513-BD27-FA4906A738FD}) (Version:  - )
ICQ  Toolbar (HKLM\...\ToolbarICQToolbar.ICQToolbarObjectIEToolbar) (Version:  - )
ICQ 5.1 (HKLM\...\ICQLite) (Version:  - )
InstallRTC (Version: 1.0.0 - ICQ Ltd.) Hidden
InterBase (HKLM\...\InterBase) (Version:  - )
InterVideo WinDVD 4 (HKLM\...\{98E8A2EF-4EAE-43B8-A172-74842B764777}) (Version:  - InterVideo Inc.)
ISP Selector (Deutsch) (HKLM\...\InstallShield_{0E3F1A40-3104-4C76-8A2D-2CC2ED414BD1}) (Version: 1.0.2.1 - Sony Corporation)
ISP Selector (Version: 1.0.2.1 - Sony Corporation) Hidden
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version:  - )
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.2.5.1678 - Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 1.80.19.0 - Symantec Corporation)
Logitech MouseWare 9.78  (HKLM\...\{5809E7CF-4DCF-11D4-9875-00105ACE7734}) (Version:  - )
Logitech SetPoint (HKLM\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 2.30 - Logitech)
Lycos WLAN Sniffer (HKLM\...\{4F7BAAFD-3116-4DA0-BD23-CF2559D971CE}) (Version: 00.05.0006 - Lycos)
MAGIX music maker V2000 (HKLM\...\MAGIX music maker V2000) (Version:  - )
MAGIX Music World (HKLM\...\MAGIX Music World) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MFP-Treiber der Serie SHARP AM-400 (HKLM\...\{664F27E1-80D8-42EE-A488-9F41670D2816}) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
MoodLogic (HKLM\...\MoodLogic) (Version:  - )
Music Visualizer Library 1.4.00 (HKLM\...\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}) (Version:  - )
Musicmatch® Jukebox (HKLM\...\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}) (Version: 9.00.5100 - )
NVIDIA Windows 2000/XP Display Drivers (HKLM\...\NVIDIA) (Version:  - )
OpenMG Limited Patch 3.2-03-02-21-08 (HKLM\...\OpenMG HotFix3.2-03-01-16-01) (Version:  - )
OpenMG Limited Patch 3.2-03-03-18-01 (HKLM\...\OpenMG HotFix3.2-03-01-16-02) (Version:  - )
OpenMG Limited Patch 3.2-03-04-14-02 (HKLM\...\OpenMG HotFix3.2-03-04-14-02) (Version:  - )
OpenMG Secure Module 3.2 (HKLM\...\{62F33B80-6244-4A70-A233-0DA13B640364}) (Version:  - )
PictureGear Studio 1.0 (HKLM\...\{27C5164D-ED0E-4D64-B788-93305BD62101}) (Version:  - )
PowerPanel (HKLM\...\{DCB53CB5-E82D-4F5E-BFE2-CBB200E19BEF}) (Version:  - )
Presto! PVR (HKLM\...\{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}) (Version: 5.00.00 - )
QuickTime (HKLM\...\QuickTime) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Search Assistant Uninstall (HKLM\...\SearchAssistant Uninstall) (Version:  - )
Sharp Button Manager I (HKLM\...\Sharp Button Manager I) (Version:  - )
Sharpdesk (HKLM\...\InstallShield_{8D581A27-435A-4AAD-9550-433897B50EA0}) (Version: 3.1 - SHARP CORPORATION)
Sharpdesk (Version: 3.1 - SHARP CORPORATION) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB898458) (HKLM\...\KB898458) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB923723) (HKLM\...\KB923723) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2497640) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB2530548) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB911564) (HKLM\...\KB911564) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9L) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9L) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 9 (KB917734) (HKLM\...\KB917734_WMP9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2491683) (HKLM\...\KB2491683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB904706) (HKLM\...\KB904706) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971961) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981349) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982381) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
SigmaTel MSCN Audio Player (HKLM\...\{C9B59DAD-86AC-456C-80A7-B665E77AA325}) (Version:  - )
SiS 900 PCI Fast Ethernet Adapter Driver (HKLM\...\SiSLan) (Version:  - )
SoftK56 Data Fax (HKLM\...\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_814E104D) (Version:  - )
SonicStage 1.6.00 (HKLM\...\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}) (Version:  - )
Sony DV Shared Library (HKLM\...\{6990A2BF-D1D2-11D3-81BC-00609789C908}) (Version:  - )
Sony Notebook Setup (HKLM\...\{936FADC9-C609-471A-B6F2-A33E2E660D1A}) (Version:  - )
Sony USB Mouse (HKLM\...\MouseSuite98) (Version:  - )
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version:  - )
T-DSL Business (HKLM\...\{59547BBA-EB10-11D4-9FA8-0060087051D5}) (Version: 1.90.64 - T-Systems Nova)
T-DSL SpeedManager (HKLM\...\TDSLSM) (Version:  - )
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
UltraVNC v1.0.2 (HKLM\...\{A8AD990E-355A-4413-8647-A9B168978423}_is1) (Version: 1.1.0.2 - UltraVNC)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VAIO BrightColor Wallpaper (HKLM\...\{4D1D6640-CD43-4AD9-A52F-E48265DB28E0}) (Version:  - )
VAIO Clock Screen Saver (HKLM\...\{1D057E97-A116-4BF9-B307-83C3FBD86515}) (Version:  - )
VAIO DeepSea Wallpaper (HKLM\...\{3147661C-2807-49EC-B971-3B0F23D95018}) (Version:  - )
VAIO Edit Components LE (HKLM\...\{761C9026-14F0-4352-8658-934558272404}) (Version:  - )
VAIO Media 2.5 (HKLM\...\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}) (Version:  - )
VAIO Media Redistribution 2.5 (HKLM\...\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}) (Version:  - )
VAIO Media Setup 2.5 (HKLM\...\{CCAC48E4-4B4D-43CB-ABB5-E817E39873B3}) (Version:  - )
VAIO Nature Screen Saver (HKLM\...\{8F4BB224-F0EB-433C-BF93-62AAB092D414}) (Version:  - )
VAIO Online-Registration (Deutsch) (HKLM\...\InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}) (Version: 4.2.3.2 - Sony Corporation)
VOR (Version: 4.2.3.2 - Sony Corporation) Hidden
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  9.0 SR-1 (6224g) - WinZip Computing, Inc. und H.C. Top Systems B.V.)
Yontoo 1.12.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION

==================== Restore Points  =========================

19-07-2014 11:18:05 ComboFix created restore point

==================== Hosts content: ==========================

2003-08-01 11:55 - 2002-08-29 14:00 - 00000820 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Symantec NetDetect.job => C:\Programme\Symantec\LiveUpdate\NDETECT.EXE

==================== Loaded Modules (whitelisted) =============

2003-09-23 10:10 - 2003-06-23 12:36 - 00024576 _____ () C:\Programme\sony\vaio media music server\SSSvrRes.dll
2003-08-01 11:55 - 2007-04-02 14:49 - 00355112 _____ () C:\WINDOWS\System32\msjetoledb40.dll
2006-06-12 22:48 - 2005-01-28 14:31 - 00045056 _____ () C:\Programme\Logitech\SetPoint\GameHook.dll
2003-08-01 12:37 - 2003-03-26 18:19 - 00045056 _____ () C:\Programme\SigmaTel\C-Major Audio\stacmon.exe
2003-09-23 10:11 - 2003-06-23 16:33 - 01171456 ____N () C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe
2003-09-23 10:11 - 2002-02-26 19:54 - 00069632 ____N () C:\Programme\drag'n drop cd+dvd\BinFiles\ezID3.dll
2003-09-23 10:11 - 2001-06-26 01:15 - 00081920 ____N () C:\Programme\drag'n drop cd+dvd\BinFiles\ezLICEN1.dll
2003-09-23 10:11 - 2003-06-23 18:04 - 00540672 ____N () C:\Programme\drag'n drop cd+dvd\BinFiles\DDCDRES.DLL
2004-12-26 17:57 - 2006-01-17 13:26 - 00438272 _____ () C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\CoreDll.dll
2004-12-26 17:57 - 2006-01-17 13:26 - 00122880 _____ () C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\TrackUtils.dll
2002-12-12 00:14 - 2008-04-14 04:22 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2003-08-01 14:49 - 2002-10-22 12:41 - 00032768 ____N () C:\Programme\powerpanel\PROGRAM\PMOptionMsg.dll
2003-08-01 14:49 - 2002-11-15 13:45 - 00114688 ____N () C:\Programme\powerpanel\Program\BSACPICM.DLL
2003-08-01 14:49 - 2002-11-15 13:45 - 00135168 ____N () C:\Programme\powerpanel\Program\BSNTSBS.DLL
2012-04-04 07:53 - 2012-04-04 07:53 - 00301056 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2003-11-26 18:18 - 2003-05-19 22:16 - 00120320 _____ () C:\Programme\WinRAR\rarext.dll
2005-06-27 00:13 - 2006-05-07 18:28 - 00057451 _____ () C:\Programme\ICQLite\ICQLiteShell.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2013 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (02/11/2013 03:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (02/10/2013 08:51:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (02/05/2013 11:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (02/02/2013 03:47:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/01/2013 00:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x0035ff55.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (01/31/2013 01:10:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (01/31/2013 01:10:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (01/23/2013 11:58:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.

Error: (01/19/2013 09:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung em_exec.exe, Version 9.78.34.0, fehlgeschlagenes Modul comnctr.dll, Version 9.78.34.0, Fehleradresse 0x00004ae5.
Das medienspezifische Ereignis für [em_exec.exe!ws!] wird verarbeitet.


System errors:
=============
Error: (07/19/2014 04:03:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VAIO Media Music Server (UPnP)" ist vom Dienst "VAIO Media Music Server (HTTP)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (07/19/2014 04:03:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VAIO Media Music Server (HTTP)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/19/2014 04:03:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VAIO Media Photo Server (UPnP)" ist vom Dienst "VAIO Media Photo Server (HTTP)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (07/19/2014 04:03:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VAIO Media Photo Server (HTTP)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/19/2014 04:03:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PfModNT" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/19/2014 01:17:36 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (11/08/2013 02:14:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/08/2013 02:14:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/08/2013 02:14:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/08/2013 02:14:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
%%126


Microsoft Office Sessions:
=========================
Error: (02/14/2013 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5

Error: (02/11/2013 03:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5

Error: (02/10/2013 08:51:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5

Error: (02/05/2013 11:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5

Error: (02/02/2013 03:47:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/01/2013 00:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0unknown0.0.0.00035ff55

Error: (01/31/2013 01:10:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/31/2013 01:10:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/23/2013 11:58:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5

Error: (01/19/2013 09:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: em_exec.exe9.78.34.0comnctr.dll9.78.34.000004ae5


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 1021.48 MB
Available physical RAM: 644.95 MB
Total Pagefile: 1692.6 MB
Available Pagefile: 1422.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.43 MB

==================== Drives ================================

Drive c: (VAIO) (Fixed) (Total:27.95 GB) (Free:3.34 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (VAIO) (Fixed) (Total:27.95 GB) (Free:3.11 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:3.76 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 56 GB) (Disk ID: B8A1037E)
Partition 1: (Active) - (Size=28 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=28 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: 504A2A7C)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
         
OLT.txt (All users)
Code:
OTL logfile created on: 19.07.2014 16:26:50 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1021,48 Mb Total Physical Memory | 678,00 Mb Available Physical Memory | 66,37% Memory free
1,65 Gb Paging File | 1,43 Gb Available in Paging File | 86,27% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 27,95 Gb Total Space | 3,39 Gb Free Space | 12,12% Space Free | Partition Type: NTFS
Drive D: | 27,95 Gb Total Space | 3,11 Gb Free Space | 11,14% Space Free | Partition Type: NTFS
 
Computer Name: SONY-VAIO | User Name: uwe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)\adwcleaner_3.216.exe ()
PRC - C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
PRC - C:\Programme\NewSoft\Presto! PVR\URemote.exe (NewSoft)
PRC - C:\Programme\NewSoft\Presto! PVR\Monitor.exe (NewSoft)
PRC - C:\Programme\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
PRC - C:\Programme\Sharp\Sharpdesk\Indexer.exe (SHARP CORPORATION)
PRC - C:\Programme\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Programme\Sharp\Button Manager I\btnman.exe (SHARP CORPORATION)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE (Logitech Inc.)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
PRC - C:\Programme\powerpanel\Program\PcfMgr.exe (Phoenix Technologies Ltd.)
PRC - C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
PRC - C:\Programme\sony\HotKey Utility\HKWnd.exe (Sony Corporation)
PRC - C:\Programme\sony\HotKey Utility\HKServ.exe (Sony Corporation)
PRC - C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe (Sony Corporation)
PRC - C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\PL15Co2K.exe (Prolific Technology Inc.)
PRC - C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
PRC - C:\Programme\sony\vaio media music server\SSSvr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
PRC - C:\Programme\Borland\InterBase\bin\ibguard.exe (Inprise Corporation)
PRC - C:\Programme\Borland\InterBase\bin\ibserver.exe (Inprise Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Dokumente und Einstellungen\uwe\Desktop\Neuer Ordner (2)\adwcleaner_3.216.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\TrackUtils.dll ()
MOD - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\CoreDll.dll ()
MOD - C:\Programme\Logitech\SetPoint\gamehook.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\DDCDRES.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
MOD - C:\Programme\sony\vaio media music server\SSSvrRes.dll ()
MOD - C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
MOD - C:\Programme\powerpanel\Program\bsntsbs.dll ()
MOD - C:\Programme\powerpanel\Program\Bsacpicm.dll ()
MOD - C:\Programme\powerpanel\Program\PMOptionMsg.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\ezID3.dll ()
MOD - C:\Programme\drag'n drop cd+dvd\BinFiles\ezLICEN1.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (VAIOMediaPlatform-PhotoServer-UPnP) -- C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\UPnPFramework.exe File not found
SRV - (VAIOMediaPlatform-PhotoServer-HTTP) -- C:\Programme\Gemeinsame Dateien\sony shared\vaio media platform\SV_Httpd.exe /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot=Software\Sony Corporation\VAIO Media Platform\2.0 /RegExt=\Applications\PhotoServer\HTTP File not found
SRV - (VAIOMediaPlatform-MusicServer-UPnP) -- C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\UPnPFramework.exe File not found
SRV - (VAIOMediaPlatform-MusicServer-HTTP) -- C:\Programme\Gemeinsame Dateien\Sony Shared\vaio media platform\sv_httpd.exe /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot=Software\Sony Corporation\VAIO Media Platform\2.0 /RegExt=Applications\MusicServer\HTTP File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (PEVSystemStart) -- C:\ComboFix\pev.3XE ()
SRV - (getPlusHelper) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (TSMService) -- C:\Programme\TSMSvc.exe (T-Systems Nova, Berkom)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (VAIOMediaPlatform-PhotoServer-AppServer) -- C:\Programme\sony\photo server\appsrv\PhotoAppSrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-MusicServer-AppServer) -- C:\Programme\sony\vaio media music server\SSSvr.exe (Sony Corporation)
SRV - (InterBaseGuardian) -- C:\Programme\Borland\InterBase\bin\ibguard.exe (Inprise Corporation)
SRV - (InterBaseServer) -- C:\Programme\Borland\InterBase\bin\ibserver.exe (Inprise Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (SYMIDSCO) -- C:\WINDOWS\System32\Drivers\SYMIDSCO.SYS File not found
DRV - (RTLWUSB) -- System32\DRIVERS\wg111v2.sys File not found
DRV - (PONDIS5) -- C:\WINDOWS\System32\PONDIS5.SYS File not found
DRV - (PfModNT) -- C:\WINDOWS\System32\PfModNT.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCMCIAFVNETR) -- System32\DRIVERS\fvnetr.sys File not found
DRV - (PCIDump) --  File not found
DRV - (M9207) -- System32\DRIVERS\M9207BDA.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (BOVOLUME) -- C:\PROGRA~1\T-DSLB~1\BOVOLUME.SYS File not found
DRV - (BOProtocol) --  File not found
DRV - (BCM43XX) -- System32\DRIVERS\bcmwl5.sys File not found
DRV - (Atndav6dpetr) --  File not found
DRV - (ATMEL FVNETusb (AR) -- System32\DRIVERS\vnetusbr.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\ar5416.sys (Atheros Communications, Inc.)
DRV - (TDDIWAN) -- C:\WINDOWS\system32\drivers\WTDDI.sys (T-Systems Nova GmbH)
DRV - (CBPSp50) -- C:\WINDOWS\system32\drivers\CBPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (LUsbKbd) -- C:\WINDOWS\system32\drivers\LUsbKbd.sys (Logitech, Inc.)
DRV - (LHidUsbK) -- C:\WINDOWS\system32\drivers\LHidUsbK.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems)
DRV - (Haspnt) -- C:\WINDOWS\system32\drivers\Haspnt.sys (Aladdin Knowledge Systems)
DRV - (vnccom) -- C:\WINDOWS\system32\drivers\vnccom.SYS (RDV Soft)
DRV - (vncdrv) -- C:\WINDOWS\system32\drivers\vncdrv.sys (RDV Soft)
DRV - (BOAdapter) -- C:\WINDOWS\system32\drivers\BOPPPoE.sys (T-Systems Nova GmbH, Berkom Berlin)
DRV - (TNPacket) -- C:\Programme\TNPACKET.SYS (T-Systems Nova GmbH)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (PFMPR5) -- C:\WINDOWS\system32\PFMPR5.sys (Perfigo, Inc.)
DRV - (PFNDIS5) -- C:\WINDOWS\system32\PFNDIS5.sys (Perfigo, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWSIS) -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys (Conexant Systems, Inc.)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHidUsb.sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (SPI) -- C:\WINDOWS\system32\drivers\SonyPI.sys (Sony Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
DRV - (PCANDIS5) -- C:\Programme\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (OlCamudp) -- C:\WINDOWS\system32\drivers\olcamudp.sys (OLYMPUS Optical Co.,Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.sony-europe.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.sony-europe.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.sony-europe.com/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.sony-europe.com/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = about:NavigationFailure
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = about:NavigationFailure
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.icq.com
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\SearchScopes,DefaultScope = {D8B85796-C341-46BF-BE47-CEF43AF5FBE0}
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\SearchScopes\{7856B765-852A-4657-B2E1-97A900C63CC3}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\SearchScopes\{D8B85796-C341-46BF-BE47-CEF43AF5FBE0}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE452
IE - HKU\S-1-5-21-1661403230-241337288-491878945-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Programme\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Programme\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Programme\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
 
 
[2013.02.04 18:09:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\uwe\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\uwe\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.02.04 18:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2002.08.29 14:00:00 | 000,000,820 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {28783B66-DBC1-4900-8492-C809ABAEE7AA} - C:\WINDOWS\System32\lhgl.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..\Toolbar\WebBrowser: (ICQ  Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe File not found
O4 - HKLM..\Run: [ChangeFilterMerit] C:\Programme\NewSoft\Presto! PVR\ChangeFilterMerit.exe ()
O4 - HKLM..\Run: [Drag'n Drop CD+DVD] C:\Programme\drag'n drop cd+dvd\BinFiles\DragDrop.exe ()
O4 - HKLM..\Run: [HI-SPEED USB DEVICE Coinstaller] C:\WINDOWS\System32\PL15Co2K.exe (Prolific Technology Inc.)
O4 - HKLM..\Run: [HKSERV.EXE] C:\Programme\sony\HotKey Utility\HKServ.exe (Sony Corporation)
O4 - HKLM..\Run: [Indexer] C:\Programme\Sharp\Sharpdesk\Indexer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [IndexTray] C:\Programme\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe" File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Presto! PVR Monitor] C:\Programme\NewSoft\Presto! PVR\Monitor.exe (NewSoft)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe File not found
O4 - HKLM..\Run: [SharpTray] C:\Programme\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SigmaTel StacMon] C:\Programme\SigmaTel\C-Major Audio\stacmon.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomTomHOME.exe] "C:\Programme\TomTom HOME\TomTomHOME.exe" -s File not found
O4 - HKLM..\Run: [TypeRegChecker] C:\Programme\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [URemote] C:\Programme\NewSoft\Presto! PVR\URemote.exe (NewSoft)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Button Manager I.lnk = C:\Programme\Sharp\Button Manager I\btnman.exe (SHARP CORPORATION)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PowerPanel.lnk = C:\Programme\powerpanel\Program\PcfMgr.exe (Phoenix Technologies Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1661403230-241337288-491878945-1005\..Trusted Ranges: Range19 ([*] in Local intranet)
O16 - DPF: {01E54593-BE14-4D6B-9310-37C0145EFE42} file:///E:/CDVIEWER11/CdViewer.cab (AMI DicomDir TreeView Control 1.1)
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} Reg Error: Value error. (dnlplayer Class)
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0653EB37-7D15-4DF6-A1A4-A6A63512F3BA}: NameServer = 195.185.185.195,192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B8C6-7AFD-4E67-ACCE-A9E1573B95ED}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Programme\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O18 - Protocol\Filter\text/html {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll File not found
O18 - Protocol\Filter\text/plain {498A12C9-A9CD-4676-9D2B-0DC9A26CF1BB} - C:\WINDOWS\System32\lhgl.dll File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.08.01 12:20:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.07.19 16:29:22 | 000,000,000 | ---D | C] -- C:\FRST
[2014.07.19 16:24:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.07.19 16:04:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.07.19 13:17:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.07.19 13:17:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.07.19 13:17:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.07.19 13:17:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.07.19 13:17:46 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.06.08 14:24:44 | 049,466,264 | ---- | C] (Adobe Systems Incorporated) -- C:\Programme\AdbeRdr1001_de_DE.exe
[2004.07.19 11:04:14 | 000,139,264 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\DSLTest3.dll
[2004.07.15 10:50:12 | 000,872,448 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TDSLTest.exe
[2004.07.14 16:13:40 | 000,090,112 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TSMInst.exe
[2004.07.14 16:01:12 | 000,397,312 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\SpeedMgr.exe
[2004.07.14 16:00:44 | 000,147,456 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\TSMSvc.exe
[2004.07.14 16:00:28 | 000,364,544 | ---- | C] (T-Systems Nova, Berkom) -- C:\Programme\TSM.dll
[2004.03.11 17:44:26 | 000,009,696 | ---- | C] (T-Systems Nova GmbH) -- C:\Programme\TNPACKET.SYS
[2003.09.25 14:40:34 | 000,241,664 | ---- | C] (T-Systems Nova) -- C:\Programme\TSMDBand.dll
[2001.03.15 19:55:26 | 000,040,960 | ---- | C] (T-Systems, T-Nova Deutsche Telekom Innovationsgesellschaft mbH, Berkom Berlin) -- C:\Programme\DSLTest.dll
[2000.10.15 18:38:54 | 000,016,068 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\PCANDIS5.SYS
[2000.10.15 18:22:30 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\W32N50.DLL
[2000.10.15 15:44:34 | 000,016,048 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Programme\PCANDIS4.SYS
[40 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.07.19 16:29:12 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2014.07.19 16:03:36 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.07.19 16:03:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.07.19 16:03:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[40 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.07.19 13:17:51 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.07.19 13:17:51 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.07.19 13:17:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.07.19 13:17:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.07.19 13:17:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.02.15 23:29:51 | 000,002,747 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0429835.js
[2013.02.15 23:29:25 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0429835.pad
[2004.09.03 13:28:03 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004.07.19 12:25:16 | 000,006,216 | ---- | C] () -- C:\Programme\TDSLSM.INF
[2003.10.10 00:20:27 | 000,093,184 | ---- | C] () -- C:\Dokumente und Einstellungen\uwe\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.07.08 15:06:40 | 000,005,408 | ---- | C] () -- C:\Programme\ReConfig.dll
[2002.03.13 15:32:08 | 000,000,896 | ---- | C] () -- C:\Programme\TDSLCh16.dll
[2001.01.26 14:43:20 | 000,002,144 | ---- | C] () -- C:\Programme\PCIDUMPR.SYS
 
========== ZeroAccess Check ==========
 
[2004.09.03 12:13:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
__________________

20.07.2014, 16:38   #4
schrauber
/// the machine
/// TB trainer

GUV trojan with webcam

Uninstall adware & co.
  • Please download Revo Uninstaller from here.
  • Install and start the program.
  • In the uninstaller field, look for the programs that under:

    have this addition:
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .

If you cannot find a program or cannot uninstall it, please continue with the next step:



Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it is working.
  • Start Combofix.exe and follow the instructions on the screen.
  • Combofix will check whether the Microsoft Windows Recovery Console is installed.
    If it is not installed, allow Combofix to download and install it. To do so, simply follow the instructions and accept the end-user license.
    With today's malware this is highly recommended, as it gives us a way to repair your system if something goes wrong.
    Confirm the message that the Recovery Console has been installed with Yes.
    Note: If it is already installed, Combofix will continue with the malware removal.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply.
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
