Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 13.10.2010, 18:20   #1
Jake555
 
TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Standard

TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht



Hallo Leute,

Google und hier das Forum (SuFu schon benutzt) konnte mir mit den bisherigen Beiträgen nicht helfen. Leider wurde diese Version des TR noch nicht hier gemeldet. Bei google habe ich nur gelese n, dass mehrere Leute dieses Problemchen haben, jedoch bisher keine Lösung dafür haben/bekommen haben. Mich würde es sehr freuen wenn ihr mir irgendswie beim loswerden dieses TR helfen könnte, möchte nicht unbedingt mein system neu aufsetzten.

Deswegen eröffnete ich diesen neuen Thread.

ich habe folgendes Problem:
Avira meldet das mein Rechner mit TR/spy.2614272.4 und TR/spy.96256.33 infiziert ist. Wenn ich auf entfernen drücke und neustarte, werden diese Trojaner weiterhin gemeldet.

Folgende Dateien sind infiziert:
a.) c:\windows\explorer.exe (TR/spy.2614272.4)
b.) c:\windows\System32\wininit.exe (TR/spy.96256.33)

folgendes kommt beim scan mit h**p://www.virustotal.com/ raus:

explorer:
Zitat:
Antivirus Version Last Update Result
AhnLab-V3 2010.10.13.01 2010.10.13 -
AntiVir 7.10.12.208 2010.10.13 TR/Spy.2614272.4
Antiy-AVL 2.0.3.7 2010.10.13 -
Authentium 5.2.0.5 2010.10.13 -
Avast 4.8.1351.0 2010.10.13 -
Avast5 5.0.594.0 2010.10.13 -
AVG 9.0.0.851 2010.10.13 -
BitDefender 7.2 2010.10.13 Gen:Trojan.Heur.TP.Fs0@buUmMmn
CAT-QuickHeal 11.00 2010.10.13 -
ClamAV 0.96.2.0-git 2010.10.13 -
Comodo 6378 2010.10.13 -
DrWeb 5.0.2.03300 2010.10.13 Win32.Dat.10
Emsisoft 5.0.0.50 2010.10.13 Gen.Trojan!IK
eSafe 7.0.17.0 2010.10.12 -
eTrust-Vet 36.1.7908 2010.10.13 -
F-Prot 4.6.2.117 2010.10.12 -
F-Secure 9.0.15370.0 2010.10.13 Gen:Trojan.Heur.TP.Fs0@buUmMmn
Fortinet 4.2.249.0 2010.10.13 -
GData 21 2010.10.13 Gen:Trojan.Heur.TP.Fs0@buUmMmn
Ikarus T3.1.1.90.0 2010.10.13 Gen.Trojan
Jiangmin 13.0.900 2010.10.13 -
K7AntiVirus 9.65.2742 2010.10.13 -
Kaspersky 7.0.0.125 2010.10.13 -
McAfee 5.400.0.1158 2010.10.13 -
McAfee-GW-Edition 2010.1C 2010.10.13 -
Microsoft 1.6201 2010.10.13 -
NOD32 5528 2010.10.13 -
Norman 6.06.07 2010.10.12 -
nProtect 2010-10-13.01 2010.10.13 -
Panda 10.0.2.7 2010.10.13 -
PCTools 7.0.3.5 2010.10.13 -
Prevx 3.0 2010.10.13 -
Rising 22.69.02.04 2010.10.13 -
Sophos 4.58.0 2010.10.13 -
Sunbelt 7050 2010.10.13 Virus.Win32.Bamital.c (v)
SUPERAntiSpyware 4.40.0.1006 2010.10.13 -
Symantec 20101.2.0.161 2010.10.13 Suspicious.Mystic
TheHacker 6.7.0.1.056 2010.10.13 -
TrendMicro 9.120.0.1004 2010.10.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.13 -
VBA32 3.12.14.1 2010.10.13 -
ViRobot 2010.9.25.4060 2010.10.13 -
VirusBuster 12.68.1.0 2010.10.13 -
Additional information
Show all
MD5 : b822cd2d611593e44533044037f7b11a
SHA1 : edc79809e28d79978ee347966e69f6fa57dec91b
SHA256: ab5fff37d516824de5fd6f73754cc3678b7abe021609dd9473be55165c8331e0
ssdeep: 49152:swPk1ubtHXPUvYYYYYYYYYYYRYYYYYYYYYYE3iA7/eFUJN9ojoso2xno4iP:rPbbtcvYY
YYYYYYYYYRYYYYYYYYYYE3n
File size : 2614272 bytes
First seen: 2010-10-13 16:59:04
Last seen : 2010-10-13 16:59:04
TrID:
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows Explorer
original name: EXPLORER.EXE
internal name: explorer
file version.: 6.1.7600.16450 (win7_gdr.091030-1504)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x2A8CB
timedatestamp....: 0x4AEBA271 (Sat Oct 31 02:35:29 2009)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0xAF135, 0xAF200, 6.39, eef7bd58efcf096fcb4b278cb493ea99
.data, 0xB1000, 0x2FCC, 0x2800, 0.95, 1408cc5d5952a7ece5e6486fb4c726d9
.rsrc, 0xB4000, 0x1C2FA7, 0x1C3000, 5.52, cdec03087f3de3f2d044db912b8a2d58
.reloc, 0x277000, 0x9304, 0x9400, 6.75, cd1ed526c834e979920b0c6368cb5b7c

[[ 19 import(s) ]]
ADVAPI32.dll: RegCloseKey, RegCreateKeyW, RegGetValueW, RegOpenKeyExW, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RegCreateKeyExW, RegQueryValueExW, EventRegister, EventUnregister, EventWrite, EventEnabled, GetLengthSid, GetTokenInformation, OpenProcessToken, RegSetValueExW, TraceMessage, RegOpenKeyW, RegDeleteValueW, RegEnumValueW, RegQueryInfoKeyW, ConvertStringSidToSidW, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegEnumKeyExW, CreateWellKnownSid, StartServiceW, CryptAcquireContextW, CryptCreateHash, CryptHashData, CryptGetHashParam, CryptDestroyHash, CryptReleaseContext, StartTraceW, EnableTraceEx, StopTraceW, LsaLookupSids, IsValidSid, GetSidSubAuthorityCount, GetSidSubAuthority, LsaOpenPolicy, LsaFreeMemory, LsaClose, OpenThreadToken, ConvertSidToStringSidW, ConvertStringSecurityDescriptorToSecurityDescriptorW, CheckTokenMembership, QueryServiceStatus
KERNEL32.dll: LoadLibraryExA, DelayLoadFailureHook, CreateFileW, GetFileSize, ReadFile, RaiseException, FlushInstructionCache, SetLastError, OpenThread, GetSystemTimeAsFileTime, GetLocaleInfoW, GetTimeFormatW, GetDateFormatW, GetLocalTime, InterlockedCompareExchange, FindFirstFileW, lstrcmpiW, FindNextFileW, FindClose, GetFileAttributesW, GetSystemTime, SystemTimeToFileTime, ExpandEnvironmentStringsW, InterlockedIncrement, InterlockedDecrement, GetLastError, SetInformationJobObject, CreateJobObjectW, GetPriorityClass, SetPriorityClass, SearchPathW, GetSystemDefaultUILanguage, UnmapViewOfFile, MapViewOfFile, GetTimeZoneInformation, GetDynamicTimeZoneInformation, GetBinaryTypeW, QueryPerformanceFrequency, QueueUserWorkItem, GetTickCount64, MulDiv, GetLongPathNameW, GetThreadPriority, MultiByteToWideChar, GlobalGetAtomNameW, GetCurrentThread, SetThreadPriority, LoadLibraryExW, GetProductInfo, TerminateThread, CreateIoCompletionPort, GetQueuedCompletionStatus, DeleteFileW, GetWindowsDirectoryW, GetProcessId, CompareStringW, QueryFullProcessImageNameW, CompareFileTime, CreateFileMappingW, ResetEvent, WideCharToMultiByte, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, DuplicateHandle, GetCurrentDirectoryW, WaitForMultipleObjects, GetComputerNameW, DeactivateActCtx, ActivateActCtx, ReleaseActCtx, CreateActCtxW, FindResourceExW, LoadResource, LockResource, OpenProcess, CloseHandle, LocalFree, LocalAlloc, QueryInformationJobObject, Sleep, ResumeThread, AssignProcessToJobObject, CreateThread, CreateProcessW, WaitForSingleObject, FreeLibrary, GetProcAddress, LoadLibraryW, GetUserDefaultUILanguage, CreateEventW, lstrlenW, HeapFree, HeapAlloc, GetProcessHeap, GetCurrentProcess, HeapSetInformation, GetVersionExW, DeleteCriticalSection, InitializeCriticalSection, HeapDestroy, GetPrivateProfileStringW, GetModuleFileNameW, GetCommandLineW, GetSystemDirectoryW, ExitProcess, RegisterApplicationRestart, SetProcessShutdownParameters, GetStartupInfoW, ReleaseMutex, CreateMutexW, SetErrorMode, SetProcessDEPPolicy, GetUserDefaultLangID, SetEvent, LeaveCriticalSection, EnterCriticalSection, GetTickCount, OpenEventW, SetTermsrvAppInstallMode, GetCurrentProcessId, GetModuleHandleW, GetCurrentThreadId, TerminateProcess, UnhandledExceptionFilter, CompareStringOrdinal, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, InterlockedExchange, VirtualAlloc, VirtualFree, LoadLibraryA
GDI32.dll: GetStockObject, SetWindowOrgEx, StretchBlt, GetTextMetricsW, CombineRgn, Polyline, CreatePen, GetTextColor, ExtCreateRegion, GetRegionData, SetLayout, GetLayout, GetTextExtentPoint32W, OffsetRgn, LPtoDP, GetRgnBox, OffsetViewportOrgEx, GdiFlush, ExtTextOutW, SetDIBits, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, GetBkColor, SetBkMode, CreateBitmap, PatBlt, CreateCompatibleBitmap, OffsetWindowOrgEx, SetBkColor, SetTextColor, GetTextExtentPointW, GetClipBox, CreateDIBSection, GetObjectW, CreateRectRgnIndirect, DeleteObject, CreateCompatibleDC, SelectObject, BitBlt, GetDeviceCaps, CreateFontIndirectW, DeleteDC, GdiAlphaBlend
USER32.dll: PtInRect, GetWindowRect, GetWindow, SendMessageW, EnumChildWindows, GetWindowLongW, CharPrevW, CharNextW, GetSystemMetrics, CreateWindowExW, DialogBoxParamW, GetClassInfoW, GetClassInfoExW, GetMenuItemInfoW, GetMenuItemCount, GetClassNameW, GetKeyboardLayout, ActivateKeyboardLayout, IsChild, InsertMenuW, GetMenuStringW, SetMenuItemInfoW, InsertMenuItemW, IsWinEventHookInstalled, IsProcessDPIAware, GetNextDlgGroupItem, GetNextDlgTabItem, GetDlgCtrlID, MoveWindow, IsRectEmpty, UnionRect, ChildWindowFromPointEx, GetGUIThreadInfo, SetClassLongW, GetClassLongW, WindowFromDC, CharUpperW, UnregisterClassW, FrameRect, GetWindowDC, SendMessageCallbackW, UpdateLayeredWindow, GetUserObjectInformationW, GetThreadDesktop, GetProcessWindowStation, GetIconInfo, ShowWindowAsync, FlashWindowEx, EndTask, SetThreadDesktop, GetMenuState, SetScrollInfo, GetScrollInfo, SetScrollPos, BringWindowToTop, DeregisterShellHookWindow, IsZoomed, CloseDesktop, OpenInputDesktop, RegisterShellHookWindow, InternalGetWindowText, GetWindowInfo, GetLayeredWindowAttributes, SetLayeredWindowAttributes, GetCaretBlinkTime, UnhookWindowsHookEx, CallNextHookEx, SetWindowsHookExW, GetUpdateRect, SystemParametersInfoW, FindWindowW, ReleaseDC, GetDC, DispatchMessageW, TranslateMessage, GetMessageW, DestroyMenu, GetMenuDefaultItem, CreatePopupMenu, PostMessageW, MsgWaitForMultipleObjectsEx, PeekMessageW, SetWindowLongW, ShutdownBlockReasonCreate, LoadStringW, DestroyWindow, PostQuitMessage, SetWindowPos, KillTimer, SetTimer, SetPropW, ShowWindow, MapWindowPoints, RegisterClassW, LoadCursorW, SetActiveWindow, UpdateLayeredWindowIndirect, GetLastInputInfo, SendDlgItemMessageW, EndDialog, GetDesktopWindow, GetShellWindow, DestroyIcon, GetMonitorInfoW, CopyRect, ModifyMenuW, CheckMenuItem, EnableMenuItem, GhostWindowFromHungWindow, DeleteMenu, ReleaseCapture, GetCursorPos, DefWindowProcW, TrackMouseEvent, GetDoubleClickTime, InvalidateRect, LockWorkStation, TileWindows, UpdateWindow, CascadeWindows, GetWindowTextW, TrackPopupMenu, ClientToScreen, WindowFromPoint, AppendMenuW, EndPaint, DrawEdge, FillRect, LockSetForegroundWindow, InflateRect, IsWindowVisible, GetForegroundWindow, GetParent, WaitMessage, RegisterWindowMessageW, TrackPopupMenuEx, GetClientRect, MonitorFromRect, EqualRect, SubtractRect, RedrawWindow, EnumDisplayMonitors, SetWindowTextW, IntersectRect, GetWindowPlacement, SendNotifyMessageW, RemovePropW, SetWindowCompositionAttribute, HungWindowFromGhostWindow, SetFocus, SendMessageTimeoutW, EnumWindows, UnregisterHotKey, RegisterHotKey, MonitorFromWindow, IsWindow, SetCursor, GetAsyncKeyState, SetForegroundWindow, ChildWindowFromPoint, SetCursorPos, GetMessagePos, IsIconic, LoadIconW, DeferWindowPos, OffsetRect, GetWindowThreadProcessId, ScreenToClient, GetAncestor, MonitorFromPoint, SetRectEmpty, ChangeWindowMessageFilterEx, LoadAcceleratorsW, TranslateAcceleratorW, GetKeyState, SetWindowRgn, GetWindowRgnBox, LoadImageW, GetFocus, GetActiveWindow, MessageBeep, BeginPaint, SwitchToThisWindow, GetLastActivePopup, EndDeferWindowPos, BeginDeferWindowPos, SetWindowPlacement, IsHungAppWindow, RegisterClipboardFormatW, SetRect, GetSysColorBrush, GetPropW, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetMenuDefaultItem, GetCapture, DrawIconEx, GetMessageExtraInfo, SetGestureConfig, AdjustWindowRect, CalculatePopupWindowPosition, DrawTextW, SetCapture, CallWindowProcW, CheckDlgButton, IsDlgButtonChecked, IsWindowEnabled, GetDlgItemInt, SetDlgItemInt, GetDlgItem, EnableWindow, SetWinEventHook, MsgWaitForMultipleObjects, RegisterClassExW, CopyIcon, AdjustWindowRectEx, GetSysColor, DrawFocusRect, NotifyWinEvent, ExitWindowsEx, GetSystemMenu
msvcrt.dll: _controlfp, _terminate@@YAXXZ, _onexit, _lock, __dllonexit, _unlock, _except_handler4_common, __set_app_type, __p__fmode, memcpy, memmove, _CIsin, _ftol2, _CIcos, _wtoi, wcsncmp, _wcsnicmp, _wcsicmp, bsearch, __p__commode, __setusermatherr, _amsg_exit, _initterm, _wcmdln, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, _ftol2_sse, malloc, _CIsqrt, ceil, realloc, wcschr, iswalpha, wcsstr, free, _vsnwprintf, memset
ntdll.dll: WinSqmSetString, NtQueryInformationProcess, NtSetInformationProcess, WinSqmIsOptedIn, NtOpenThreadToken, NtOpenProcessToken, NtClose, WinSqmAddToStreamEx, NtSetSystemInformation, WinSqmAddToStream, WinSqmEventEnabled, WinSqmSetDWORD, EtwEventWrite, EtwEventEnabled, NtQueryInformationToken, RtlGetProductInfo
SHLWAPI.dll: SHStrDupA, StrCmpW, -, -, PathCommonPrefixW, PathRemoveExtensionW, -, PathIsFileSpecW, -, -, -, StrRetToStrW, -, AssocCreate, -, StrRetToBufW, AssocQueryStringW, -, PathQuoteSpacesW, -, -, SHDeleteKeyW, -, SHRegGetUSValueW, -, -, PathIsNetworkPathW, -, -, -, -, SHOpenRegStream2W, -, -, -, -, -, -, PathRemoveFileSpecW, -, -, -, -, SHRegGetBoolUSValueW, -, -, PathGetDriveNumberW, PathFileExistsW, PathIsDirectoryW, -, -, PathFindExtensionW, StrChrIW, -, -, PathAppendW, SHDeleteValueW, -, SHSetValueW, -, -, PathRemoveArgsW, PathRemoveBlanksW, StrCmpNIW, -, PathGetArgsW, PathFindFileNameW, SHGetValueW, SHCreateThreadRef, SHSetThreadRef, PathCombineW, SHRegGetValueW, -, -, -, -, StrToIntW, -, StrChrW, -, -, -, -, -, -, SHStrDupW, PathStripToRootW, -, -, -, StrTrimW, StrCmpNW, SHQueryInfoKeyW, SHCreateStreamOnFileW, -, -, -, -, -, -, PathIsPrefixW, -, StrCmpIW, PathParseIconLocationW, PathIsRootW, -, -, -, AssocQueryKeyW, PathStripPathW, ChrCmpIW, StrStrIW, -
SHELL32.dll: -, -, -, SHGetPropertyStoreForWindow, -, -, SHGetStockIconInfo, -, -, -, -, -, -, -, -, -, Shell_GetCachedImageIndexW, -, -, -, SHGetLocalizedName, SHCreateDataObject, -, -, -, -, -, -, SHCreateShellItemArrayFromShellItem, SHGetKnownFolderPath, SHCreateShellItemArrayFromIDLists, -, -, SHBindToFolderIDListParentEx, SHGetFileInfoW, -, SHCreateItemWithParent, -, -, -, -, -, SHGetFolderLocation, -, SHParseDisplayName, SHGetSpecialFolderPathW, -, ShellExecuteExW, SHGetKnownFolderIDList, SHBindToObject, -, -, -, -, -, -, -, -, -, -, -, SHGetNameFromIDList, SHCreateShellItem, -, -, -, -, -, -, -, -, -, -, SHGetPathFromIDListW, ShellExecuteW, SHEnableServiceObject, -, SHGetIDListFromObject, -, SHChangeNotifyRegisterThread, -, -, -, -, SHUpdateRecycleBinIcon, -, -, SHCreateItemFromIDList, -, -, SHFileOperationW, SHGetFolderPathEx, -, -, -, -, -, SHGetPathFromIDListA, SHGetFolderPathW, SHBindToParent, -, SHAddToRecentDocs, Shell_NotifyIconW, Shell_NotifyIconGetRect, ExtractIconExW, SHEvaluateSystemCommandTemplate, SHChangeNotify, SHCreateItemFromParsingName, -, DragQueryFileW, -, -, SHGetSpecialFolderLocation, SHBindToFolderIDListParent
ole32.dll: OleInitialize, StringFromGUID2, CoRegisterMessageFilter, RegisterDragDrop, RevokeDragDrop, OleUninitialize, CoRevokeClassObject, CoCreateFreeThreadedMarshaler, CreateBindCtx, PropVariantClear, ReleaseStgMedium, CoInitializeEx, CreateStreamOnHGlobal, CoRegisterClassObject, CoCreateInstance, CoTaskMemFree, CoGetInterfaceAndReleaseStream, CoMarshalInterThreadInterfaceInStream, CoUninitialize, CoInitialize, CoGetMalloc, CoTaskMemAlloc, CLSIDFromString, CoFreeUnusedLibraries
OLEAUT32.dll: -, -, -, -, -, -
EXPLORERFRAME.dll: -, -
UxTheme.dll: DrawThemeTextEx, IsCompositionActive, IsAppThemed, GetThemeMetric, CloseThemeData, OpenThemeData, SetWindowTheme, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, DrawThemeParentBackground, GetWindowTheme, GetThemePartSize, GetThemeBackgroundContentRect, EndBufferedPaint, GetThemeMargins, BeginBufferedPaint, BufferedPaintInit, BufferedPaintUnInit, IsThemeActive, -, GetThemeRect, IsThemePartDefined, GetThemeBackgroundRegion, GetThemeColor, GetThemeBool, DrawThemeIcon, GetBufferedPaintBits, BufferedPaintClear, GetThemeBackgroundExtent
POWRPROF.dll: CallNtPowerInformation, GetPwrCapabilities, PowerDeterminePlatformRole
dwmapi.dll: -, -, DwmEnableBlurBehindWindow, DwmIsCompositionEnabled, DwmSetWindowAttribute, -, DwmQueryThumbnailSourceSize, DwmUnregisterThumbnail, DwmUpdateThumbnailProperties, -, -
slc.dll: SLGetWindowsInformationDWORD
gdiplus.dll: GdipAlloc, GdiplusStartup, GdiplusShutdown, GdipFree, GdipDeleteGraphics, GdipDisposeImage, GdipGetImageWidth, GdipGetImageHeight, GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipSetCompositingMode, GdipSetInterpolationMode, GdipDrawImageRectI, GdipCloneImage
Secur32.dll: GetUserNameExW
RPCRT4.dll: RpcBindingFree, RpcBindingSetAuthInfoExW, RpcStringFreeW, RpcBindingFromStringBindingW, RpcStringBindingComposeW, I_RpcExceptionFilter, NdrClientCall2
PROPSYS.dll: PropVariantToUInt32, PropVariantToStringAlloc, PropVariantToUInt64, PropVariantToBoolean, VariantToStringAlloc, VariantToStringWithDefault, PropVariantToString, VariantToBooleanWithDefault, VariantToInt32WithDefault, PSCreateMemoryPropertyStore, PropVariantToInt64
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 717312
CompanyName: Microsoft Corporation
EntryPoint: 0x2a8cb
FileDescription: Windows Explorer
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 2.5 MB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 6.1.7600.16450 (win7_gdr.091030-1504)
FileVersionNumber: 6.1.7600.16450
ImageVersion: 6.1
InitializedDataSize: 1897472
InternalName: explorer
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 187.7
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.1
ObjectFileType: Executable application
OriginalFilename: EXPLORER.EXE
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 6.1.7600.16450
ProductVersionNumber: 6.1.7600.16450
Subsystem: Windows GUI
SubsystemVersion: 6.1
TimeStamp: 2009:10:31 03:35:29+01:00
UninitializedDataSize: 0
=============================================

wininit:
Zitat:
Antivirus Version Last Update Result
AhnLab-V3 2010.10.13.01 2010.10.13 -
AntiVir 7.10.12.208 2010.10.13 TR/Spy.96256.33
Antiy-AVL 2.0.3.7 2010.10.13 -
Authentium 5.2.0.5 2010.10.13 -
Avast 4.8.1351.0 2010.10.13 -
Avast5 5.0.594.0 2010.10.13 -
AVG 9.0.0.851 2010.10.13 -
BitDefender 7.2 2010.10.13 Gen:Trojan.Heur.TP.fq0@b431usl
CAT-QuickHeal 11.00 2010.10.13 -
ClamAV 0.96.2.0-git 2010.10.13 -
Comodo 6378 2010.10.13 -
DrWeb 5.0.2.03300 2010.10.13 Win32.Dat.10
Emsisoft 5.0.0.50 2010.10.13 Gen.Trojan!IK
eSafe 7.0.17.0 2010.10.12 -
eTrust-Vet 36.1.7908 2010.10.13 -
F-Prot 4.6.2.117 2010.10.12 -
F-Secure 9.0.15370.0 2010.10.13 Gen:Trojan.Heur.TP.fq0@b431usl
Fortinet 4.2.249.0 2010.10.13 -
Ikarus T3.1.1.90.0 2010.10.13 Gen.Trojan
Jiangmin 13.0.900 2010.10.13 -
K7AntiVirus 9.65.2742 2010.10.13 -
Kaspersky 7.0.0.125 2010.10.13 -
McAfee 5.400.0.1158 2010.10.13 -
McAfee-GW-Edition 2010.1C 2010.10.13 Heuristic.BehavesLike.Win32.Suspicious.H
Microsoft 1.6201 2010.10.13 -
NOD32 5528 2010.10.13 -
Norman 6.06.07 2010.10.12 -
nProtect 2010-10-13.01 2010.10.13 -
Panda 10.0.2.7 2010.10.13 -
PCTools 7.0.3.5 2010.10.13 -
Prevx 3.0 2010.10.13 -
Rising 22.69.02.04 2010.10.13 -
Sophos 4.58.0 2010.10.13 -
Sunbelt 7050 2010.10.13 Virus.Win32.Bamital.c (v)
SUPERAntiSpyware 4.40.0.1006 2010.10.13 -
Symantec 20101.2.0.161 2010.10.13 -
TheHacker 6.7.0.1.056 2010.10.13 -
TrendMicro 9.120.0.1004 2010.10.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.13 -
VBA32 3.12.14.1 2010.10.13 -
ViRobot 2010.9.25.4060 2010.10.13 -
VirusBuster 12.68.1.0 2010.10.13 -
Additional information
Show all
MD5 : c971be5176232414672869a541de40b0
SHA1 : 708db103e368eb3eeb9187b05737681a62bf4a2c
SHA256: 118c16c20deb1d2e0f0e0ef84ebcb8f161f40871a91a673321f32a82f0d781b4
ssdeep: 1536:AGDwCs1vXHQZ9f7gimiMoQqmokUuXYz2C/6gBoBZyoZLB//cVU2n:AG8Cs1v0576o+XzMo
BZyoZLdcPn
File size : 96256 bytes
First seen: 2010-10-13 16:54:12
Last seen : 2010-10-13 16:54:12
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows Start-Up Application
original name: WinInit.exe
internal name: WinInit
file version.: 6.1.7600.16385 (win7_rtm.090713-1255)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x4DC8
timedatestamp....: 0x4A5BC50F (Mon Jul 13 23:36:47 2009)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x13B7B, 0x13C00, 6.34, 0e405b0a06b06fd0b565731c831eaa93
.data, 0x15000, 0x8D4, 0x800, 1.62, f7a5b83b22b50ef2bb97fee4c7db73d4
.rsrc, 0x16000, 0x18F8, 0x1A00, 3.89, f83307e1a9d24d061a924f2b8eaceeb1
.reloc, 0x18000, 0x14C4, 0x1600, 6.65, f39439410d625e3fc948d59ac7234abc

[[ 8 import(s) ]]
USER32.dll: SetWindowStationUser, SwitchDesktopWithFade, LoadLocalFonts, SetWindowsHookExW, RegisterLogonProcess, SetProcessWindowStation, CreateDesktopW, CloseDesktop, CloseWindowStation, SetUserObjectSecurity, SwitchDesktop, UpdatePerUserSystemParameters, RecordShutdownReason, GetAsyncKeyState, ExitWindowsEx, UnhookWindowsHookEx, SetThreadDesktop, CreateWindowStationW
msvcrt.dll: _vsnwprintf, _wcsicmp, memcpy, memmove, wcschr, __getmainargs, _cexit, _exit, _XcptFilter, _ismbblead, exit, _acmdln, _initterm, _amsg_exit, __setusermatherr, __p__commode, __p__fmode, __set_app_type, _except_handler4_common, _terminate@@YAXXZ, _controlfp, memset, wcsstr
ntdll.dll: RtlNtStatusToDosError, RtlInitUnicodeString, NtShutdownSystem, RtlDeregisterWaitEx, RtlFreeHeap, RtlAllocateHeap, EtwEventEnabled, EtwEventWrite, EtwEventUnregister, EtwEventRegister, NtOpenProcessToken, RtlRemovePrivileges, NtClose, EtwUnregisterTraceGuids, EtwRegisterTraceGuidsW, EtwGetTraceLoggerHandle, EtwGetTraceEnableLevel, EtwGetTraceEnableFlags, EtwTraceMessage, RtlRegisterWait, RtlDestroyEnvironment, NtSetValueKey, NtReplyPort, NtCreateKey, NtReplyWaitReceivePort, NtAcceptConnectPort, NtCreatePort, NtAllocateLocallyUniqueId, TpSimpleTryPost, RtlFreeSid, RtlSetSaclSecurityDescriptor, RtlAddMandatoryAce, RtlCreateAcl, RtlCreateSecurityDescriptor, RtlGetDaclSecurityDescriptor, RtlCopySid, RtlLengthSid, RtlSetDaclSecurityDescriptor, RtlAddAce, RtlUnhandledExceptionFilter, NtQueryInformationProcess, NtQuerySystemInformation, RtlSetThreadIsCritical, RtlSetProcessIsCritical, RtlLeaveCriticalSection, RtlEnterCriticalSection, RtlCompareUnicodeString, NtPrivilegeObjectAuditAlarm, EtwEventWriteEndScenario, EtwEventWriteStartScenario, EtwEventActivityIdControl, NtPrivilegeCheck, NtOpenThreadToken, RtlAllocateAndInitializeSid, RtlInitializeCriticalSection, NtQueryInformationToken, RtlSetEnvironmentVariable, RtlQueryEnvironmentVariable_U, RtlInitUnicodeStringEx, RtlCreateEnvironment, NtCreateEvent, RtlAdjustPrivilege, NtSystemDebugControl, NtCompleteConnectPort
API_MS_Win_Core_LocalRegistry_L1_1_0.dll: RegDeleteValueW, RegQueryValueExA, RegQueryInfoKeyA, RegQueryInfoKeyW, RegEnumValueW, RegGetValueW, RegQueryValueExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey
RPCRT4.dll: RpcBindingFree, RpcStringBindingParseW, RpcBindingToStringBindingW, RpcBindingServerFromClient, RpcRevertToSelf, RpcImpersonateClient, RpcServerInqCallAttributesW, RpcServerListen, RpcServerRegisterIfEx, RpcServerUseProtseqEpW, RpcExceptionFilter, RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcStringFreeW, RpcServerInqBindings, UuidFromStringW, RpcEpRegisterW, RpcServerUnregisterIf, RpcEpUnregister, RpcBindingVectorFree, NdrAsyncServerCall, RpcServerTestCancel, RpcAsyncAbortCall, I_RpcBindingIsClientLocal, NdrAsyncClientCall, RpcBindingCopy, RpcBindingCreateW, RpcBindingBind, RpcServerUseProtseqW, RpcAsyncInitializeHandle, RpcAsyncCancelCall, RpcAsyncCompleteCall, RpcBindingUnbind, NdrClientCall2, NdrServerCall2, I_RpcExceptionFilter, RpcBindingSetAuthInfoExW, RpcBindingFromStringBindingW, RpcStringBindingComposeW, RpcMgmtIsServerListening
KERNEL32.dll: SetEvent, CreateTimerQueueTimer, SetErrorMode, GetTickCount, GetWindowsDirectoryW, FindFirstFileW, FindClose, HeapSetInformation, CreateProcessW, InterlockedExchange, CreateThread, SleepEx, GetCurrentProcessId, SetThreadExecutionState, Sleep, ResetEvent, WaitForSingleObject, QueueUserWorkItem, WaitForSingleObjectEx, HeapFree, HeapAlloc, HeapDestroy, HeapCreate, LoadLibraryW, GetProcAddress, GetFileAttributesW, SetTimerQueueTimer, OpenProcess, GetModuleHandleW, CreateRemoteThread, ResumeThread, DeleteTimerQueueTimer, RegDeleteTreeW, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentThreadId, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, LoadLibraryExA, InterlockedCompareExchange, DelayLoadFailureHook, MoveFileExW, LocalSize, LocalReAlloc, FindFirstVolumeW, GetDriveTypeW, DeleteFileW, FindNextVolumeW, FindVolumeClose, lstrcmpiW, GetShortPathNameW, CreateFileW, LocalAlloc, ReadFile, CreateDirectoryW, LocalFree, SetLastError, lstrlenW, GetVersionExW, CreateEventW, GetDateFormatW, GetTimeFormatW, FileTimeToSystemTime, SystemTimeToFileTime, GetLocalTime, LockResource, LoadResource, FindResourceExW, GetProcessHeap, FreeLibrary, GetComputerNameW, SetEnvironmentVariableW, GetLastError, GetCurrentProcess, SetPriorityClass, GetCurrentThread, SetThreadPriority, GetExitCodeProcess, CloseHandle, WaitForMultipleObjectsEx, ExpandEnvironmentStringsW
API_MS_Win_Security_LSALookup_L1_1_0.dll: LookupAccountSidLocalW
profapi.dll: -
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 80896
CompanyName: Microsoft Corporation
EntryPoint: 0x4dc8
FileDescription: Windows Start-Up Application
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 94 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
FileVersionNumber: 6.1.7600.16385
ImageVersion: 6.1
InitializedDataSize: 14848
InternalName: WinInit
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 187.7
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.1
ObjectFileType: Executable application
OriginalFilename: WinInit.exe
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 6.1.7600.16385
ProductVersionNumber: 6.1.7600.16385
Subsystem: Windows GUI
SubsystemVersion: 6.1
TimeStamp: 2009:07:14 01:36:47+02:00
UninitializedDataSize: 0
Symantec reputation:Suspicious.Insight

======================================================

OTL bringt mir folgende Scanmeldung wenn ich runscan wähle und die Einstellungen wie unter folgendem link setze
h**p://www.trojaner-board.de/85104-otl-otlogfile-oldtimer.html :


OTL Logfile:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 13.10.2010 19:03:52 - Run 1
OTL by OldTimer - Version 3.2.15.2     Folder = C:\Users\Jakob\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,84 Gb Total Space | 26,76 Gb Free Space | 33,95% Space Free | Partition Type: NTFS
Drive F: | 209,05 Gb Total Space | 20,60 Gb Free Space | 9,85% Space Free | Partition Type: NTFS
 
Computer Name: Jakob-VAIO | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jakob\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Realtek\Audio\HDA\RtkAudioService.exe (Realtek Semiconductor)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Programme\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Programme\VMware\VMware Player\hqtray.exe (VMware, Inc.)
PRC - C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Users\Jakob\AppData\Local\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Users\Jakob\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Apoint\Apvfb.exe (ALPS)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)
PRC - C:\Programme\totalcmd\TOTALCMD.EXE (C. Ghisler & Co.)
PRC - C:\Programme\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jakob\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (VUAgent) -- C:\Program Files\sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService.exe (Realtek Semiconductor)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (VAIO Event Service) -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (NSUService) -- C:\Program Files\sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell)
SRV - (uCamMonitor) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (CTUPnPSv) -- C:\Programme\Creative\Creative Centrale\CTUPnPSv.exe (Creative Technology Ltd)
SRV - (CTDevice_Srv) -- C:\Programme\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340) -- C:\Windows\System32\drivers\WPRO_40_1340.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (mv2) -- C:\Windows\System32\drivers\mv2.sys (UVNC BVBA)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)
DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)
DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)
DRV - (vmusb) -- C:\Windows\System32\drivers\vmusb.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (vstor2-ws60) -- C:\Programme\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)
DRV - (ctxusbm) -- C:\Windows\System32\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (tdrpman228) Acronis Try&Decide and Restore Points filter (build 228) -- C:\Windows\system32\DRIVERS\tdrpm228.sys (Acronis)
DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis)
DRV - (SIVDRIVER) -- C:\Windows\System32\drivers\SIVX32.sys (Ray Hinchliffe)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (USBPNPA) -- C:\Windows\System32\drivers\CM108.sys (C-Media Inc)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SBKUPNT) -- C:\Windows\System32\drivers\SBKUPNT.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.metacrawler.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=192.168.123.2:8080;http=192.168.123.2:8080;https=192.168.123.2:8080;socks=192.168.123.2:8080
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.metacrawler.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: timeleft@nestersoft.com:1.0
FF - prefs.js..extensions.enabledItems: spam@trashmail.net:2.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: jl@leimbach-it.de:2.5
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q="
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://ad1ivp.tecosim.com/pac/tecosimproxy.pac"
FF - prefs.js..network.proxy.backup.ftp: "192.168.123.2"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "192.168.123.2"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "192.168.123.2"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "192.168.123.2"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "192.168.123.2"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "192.168.123.2"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "192.168.123.2"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.123.2"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "192.168.123.2"
FF - prefs.js..network.proxy.ssl_port: 8080
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla\Firefox\components [2010.09.17 18:32:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla\Firefox\plugins [2010.09.17 18:32:08 | 000,000,000 | ---D | M]
 
[2010.01.17 22:51:40 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Extensions
[2010.01.10 18:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.09.30 18:37:33 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.10.12 19:21:45 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions
[2010.09.12 10:22:55 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.04.27 19:20:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.24 18:11:49 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010.07.26 22:09:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.17 20:39:36 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.09.12 10:22:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.08 21:54:21 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.10.09 20:35:07 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\jl@leimbach-it.de
[2010.06.29 20:18:07 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\spam@trashmail.net
[2010.06.06 09:57:37 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\timeleft@nestersoft.com
[2010.05.29 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\0mlohea2.default\extensions\youtube2mp3@mondayx.de
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Programme\FlashGet\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ConnectionCenter] C:\Users\Jakob\AppData\Local\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SHTtray.exe] C:\Programme\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [tvjbmonitor] C:\Programme\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinVNC] C:\Program Files\UltraVNC\WinVNC.exe (UltraVNC)
O4 - HKCU..\Run: [googletalk] C:\Users\Jakob\AppData\Roaming\Google Talk\googletalk.exe File not found
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [SoftAuto.exe] C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Programme\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Download All by FlashGet - C:\Programme\FlashGet\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Programme\FlashGet\ComDlls\Bholink.htm ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7E0FDFBB-87D4-43A1-9AD4-41F0EA8AFF7B} https://citrix.industriehansa.de/net6helper.cab (Net6Launcher Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1366x768.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img5 Wallpaper 1366x768.jpg
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.13 19:00:41 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Jakob\Desktop\OTL.exe
[2010.10.13 18:52:31 | 000,000,000 | ---D | C] -- C:\avrescue
[2010.10.12 00:56:21 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2010.10.07 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Raptr
[2010.10.07 20:34:39 | 000,000,000 | ---D | C] -- C:\Programme\Raptr
[2010.10.07 18:01:07 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.10.06 05:55:50 | 000,000,000 | ---D | C] -- C:\h2format
[2010.09.30 03:00:46 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.09.29 14:21:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.17 21:46:04 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Google Talk
[2010.09.17 03:03:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.15 20:18:50 | 000,000,000 | ---D | C] -- C:\Users\Jakob\Desktop\Stardict
[2010.09.14 20:53:48 | 000,000,000 | ---D | C] -- C:\GIFs
[2010.09.14 20:17:25 | 000,000,000 | ---D | C] -- C:\Programme\bitsoft.net
[2010.09.14 20:15:58 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Bitsoft
[2010.09.14 20:15:54 | 000,000,000 | ---D | C] -- C:\Programme\Video Snapshot Wizard
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.13 19:00:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Jakob\Desktop\OTL.exe
[2010.10.13 18:47:50 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.13 18:47:50 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.13 18:45:00 | 000,003,933 | ---- | M] () -- C:\Users\Jakob\wincmd.ini
[2010.10.13 18:39:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.13 18:39:07 | 2389,987,328 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 06:43:40 | 000,656,850 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.11 06:43:40 | 000,618,692 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.11 06:43:40 | 000,131,216 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.11 06:43:40 | 000,107,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.07 20:33:25 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.09.14 20:17:25 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Video Snapshot Wizard.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.07 20:33:25 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.10.07 17:54:47 | 000,014,976 | ---- | C] () -- C:\Windows\System32\drivers\SBKUPNT.SYS
[2010.10.07 17:54:47 | 000,013,312 | ---- | C] () -- C:\Windows\System32\DEVLOAD.EXE
[2010.09.14 20:15:54 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Video Snapshot Wizard.lnk
[2010.08.01 19:35:40 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv
[2010.07.08 16:09:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.18 17:35:40 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.04.07 10:48:04 | 000,000,589 | ---- | C] () -- C:\Windows\wiso.ini
[2010.03.04 16:00:53 | 000,000,000 | ---- | C] () -- C:\Users\Jakob\AppData\Roaming\wklnhst.dat
[2010.02.21 05:48:22 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.01.28 17:19:04 | 000,007,680 | ---- | C] () -- C:\Users\Jakob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.17 20:56:09 | 000,000,062 | ---- | C] () -- C:\Windows\WININIT.INI
[2009.12.02 19:02:50 | 001,632,887 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2009.12.02 18:56:10 | 004,840,081 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009.12.01 13:16:59 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.11.17 23:42:29 | 000,000,051 | ---- | C] () -- C:\Programme\.directory
[2009.11.04 20:45:44 | 000,611,638 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009.11.04 20:43:20 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009.11.03 22:11:22 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009.11.03 22:11:00 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009.11.03 22:10:42 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009.11.03 22:09:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009.11.03 22:08:58 | 000,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009.11.03 22:08:12 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009.11.03 22:07:16 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009.11.03 21:36:06 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009.11.03 21:34:56 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009.11.03 20:05:02 | 000,957,047 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009.10.28 00:46:26 | 000,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009.08.16 11:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.08.09 16:39:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.05 22:47:51 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.17 10:23:10 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.05.15 19:22:04 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009.01.11 00:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009.01.11 00:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009.01.11 00:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009.01.11 00:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009.01.11 00:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009.01.11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009.01.11 00:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009.01.11 00:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009.01.11 00:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009.01.11 00:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009.01.11 00:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2010.01.17 22:51:26 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Acronis
[2010.10.07 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Azureus
[2010.04.20 07:40:46 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\BITS
[2010.09.14 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Bitsoft
[2010.03.21 18:09:47 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\BitTyrant
[2010.04.07 10:45:40 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Buhl Data Service
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Canneverbe_Limited
[2010.05.18 19:48:00 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\CheckPoint
[2010.01.20 11:13:00 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Citrix
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\DeepBurner
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Foxit
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\GHISLER
[2010.02.13 02:48:32 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\ICAClient
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\InterVideo
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Leadertech
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Leawo
[2010.01.17 22:51:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\LSTC
[2010.06.05 19:39:20 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\NesterSoft
[2010.03.13 15:31:52 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Nokia
[2010.01.17 22:51:48 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\OpenOffice.org
[2010.03.13 15:30:04 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\PC Suite
[2010.10.13 18:30:17 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Raptr
[2010.04.25 15:54:38 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\ScummVM
[2010.01.17 22:52:21 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\smc
[2010.01.17 22:52:21 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\SpeedProject
[2010.07.26 20:45:18 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TeamViewer
[2010.03.04 16:00:56 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Template
[2010.01.17 22:52:21 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Thinstall
[2010.10.13 18:50:30 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Thunderbird
[2010.01.17 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TomTom
[2010.08.01 20:04:10 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TwonkyMedia
[2010.01.17 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\VistaCodecs
[2010.01.17 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\VitySoft
[2010.02.12 11:58:25 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\WebEx
[2010.03.21 15:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Win7codecs
[2010.01.17 22:52:27 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\XnView
[2010.06.26 07:04:39 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

--- --- ---

Das kommt bei der extras.txt DAtei raus:

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 13.10.2010 19:03:52 - Run 1
OTL by OldTimer - Version 3.2.15.2     Folder = C:\Users\Jakob\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,84 Gb Total Space | 26,76 Gb Free Space | 33,95% Space Free | Partition Type: NTFS
Drive F: | 209,05 Gb Total Space | 20,60 Gb Free Space | 9,85% Space Free | Partition Type: NTFS
 
Computer Name: JAKOB-VAIO | User Name: Jakob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet\FlashGet.exe" = C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files\FlashGet\LiveUpdate.exe" = C:\Program Files\FlashGet\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"C:\Program Files\FlashGet\LiveUpdateEx.exe" = C:\Program Files\FlashGet\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A1B60E0-F250-BD91-79C9-C29B9C05A5AA}" = Catalyst Control Center InstallProxy
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix Online Plug-in (Web)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411" = CanoScan LiDE 70
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{183372B8-A3C2-063B-5C9E-B5C3E09F7158}" = CCC Help Norwegian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{19B683DF-B562-4C0B-8AAA-2A92409D190A}" = Sony Home Network Library
"{1D2DF848-BA1C-6D29-8DC6-A8EBC85B2128}" = CCC Help Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2176C142-DEE5-8AF0-9257-CA2E65368A52}" = CCC Help Finnish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{27EA389E-B0D3-E606-A801-C397BC417B00}" = Catalyst Control Center Graphics Previews Common
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{32DD0B80-68A4-2BAD-6D43-D2A6A7732AA2}" = CCC Help Hungarian
"{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1" =  Leawo Video Converter version  1.9.2.8
"{33F55462-96AF-0D67-AAF3-5ACBDE186FF7}" = CCC Help Dutch
"{359391F9-1A4D-A988-D62D-0F33C59AFDF6}" = CCC Help English
"{36FBD8D7-CEFC-2BFD-9E50-CDEA040D5F47}" = CCC Help Swedish
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7C4990-D713-E889-63E7-214D35B55B18}" = Catalyst Control Center Graphics Previews Vista
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{484D0DD1-57D3-4AE5-8B5A-40232C83B674}" = VAIO Entertainment Platform
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{495FB15C-3CEE-4C2B-BBF2-5879792ABCCA}" = HyperWorks
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C5FC19D-AE05-3F78-4336-90116C43400E}" = CCC Help French
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4E64FCCA-AE91-609C-6646-3BA7B2542C17}" = CCC Help Russian
"{4F29AF49-2F30-4E33-416B-E373ACE30B03}" = Catalyst Control Center Core Implementation
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix Online Plug-in (USB)
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5CCB5E3A-8FA6-E1B8-082E-507493C836CD}" = Catalyst Control Center Localization All
"{5D9F5605-4B95-A700-B10E-FC5DBE052D18}" = CCC Help Italian
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6419ED85-0F56-473E-9C65-5BFCA43402C0}" = VMXWizard beta
"{653C3AFC-E8BB-E745-DEE8-A9EA8ED5D432}" = CCC Help Greek
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CCAF3C8-8B77-3601-6E9C-E85E9444B0E6}" = CCC Help Chinese Traditional
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}" = VAIO Movie Story
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{7C84DDDF-DEC9-4E02-8222-D86E73531CEB}" = Citrix Online Plug-in (SSON)
"{7C8744A5-DED2-028E-C0B7-42AAA764E806}" = CCC Help Korean
"{7CF4115F-8947-2E35-718E-9AE7907FDD34}" = Catalyst Control Center Graphics Full New
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FCCDC50-98B9-423F-AC82-7250EDAEB874}" = Altair HyperWorks 10.0
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix Online Plug-in (HDX)
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8B1CF7D7-9D45-6FB7-8B8A-72E804B74ACD}" = CCC Help Danish
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{96AE9B73-23A5-3781-07EE-D873CDF1935A}" = CCC Help Polish
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{97F52122-E41C-C805-3981-E8686E073978}" = CCC Help Chinese Standard
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99804FF5-11AC-4FC9-B66B-72E9A6B386BC}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A82C622C-22E2-409E-7113-EB749DEBC9F7}" = CCC Help Portuguese
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9669DD6-33A2-4F12-85BA-AA5EE03B3CA5}_is1" = Video Snapshot Wizard 2.1
"{AA66EAEF-E6F9-BB8A-1463-72BE38F70856}" = CCC Help Japanese
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time  Lib Setup
"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch
"{AEF0D6B2-1087-3D96-624F-B83A5EBD175D}" = Catalyst Control Center Graphics Full Existing
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B8A2256E-6225-4D9E-B1C9-C26CA1E22FEB}" = Citrix Online Plug-in (PNA)
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup aktivieren
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix Online Plug-in (DV)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis*True*Image*Home
"{D2004393-13BB-E18E-B1BF-19D758AFCD8D}" = CCC Help Spanish
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DD21CAA4-C666-656A-0717-064BFCB850A9}" = ccc-utility
"{DDAF9A24-31F2-998B-79F3-F02580284D50}" = CCC Help Turkish
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Nur Web
"{E9DC3DE6-B510-FF40-F696-CFA52F9916FE}" = CCC Help German
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F03173B5-9A14-40AF-81F7-A87ABD7D7089}" = VB-WinSock
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F29F2FAC-3F7E-4302-689C-C6579A19B3FC}" = CCC Help Czech
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.0
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F50D41C8-AC24-3FCD-D3AB-10C2D7CBDFB8}" = Catalyst Control Center Graphics Light
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F88A7EB0-90F4-4012-9194-33AF2F1C5BF1}" = VAIO Movie Story 1.5 Upgrade
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FD423BBD-8095-D342-F496-59D7C22FD581}" = ATI Catalyst Install Manager
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"ActiveTcl 8.5.8.2" = ActiveState ActiveTcl 8.5.8.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Bitsoft 123 Video Snapshot Wizard_is1" = Bitsoft 123 Video Snapshot Wizard 2.0
"BitTyrant" = BitTyrant
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CitrixOnlinePluginFull" = Citrix Online Plug-in
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"ConTEXTEditor_is1" = ConTEXT
"Creative Centrale" = Creative Centrale
"DivX Setup.divx.com" = DivX-Setup
"dt icon module" = 
"eMule" = eMule
"FlashGet 2.0" = FlashGet 2.0
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreePDF_XP" = FreePDF (Remove only)
"GnuCash_is1" = GnuCash 2.3.7
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"JDownloader" = JDownloader
"LS-DYNA" = LS-DYNA
"LS-PrePost" = LS-PrePost-3.0-Win32
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"PCSX2-beta-r1888" = PCSX2 - Playstation 2 Emulator
"pdfsam" = pdfsam
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"ScummVM_is1" = ScummVM 1.1.0
"secretmaryo" = Secret Maryo Chronicles
"splashtop" = VAIO Quick Web Access
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"TIMELEFT3_is1" = TimeLeft
"TomTom HOME" = TomTom HOME 2.7.2.1825
"Totalcmd" = Total Commander (Remove or Repair)
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"VAIO Help and Support" = 
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.0
"VMware_Player" = VMware Player
"VMX Builder" = VMX Builder 0.9
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.3.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZENXFI2UG" = Creative ZEN X-Fi2 Dokumentation
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = WebEx
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


=========================================================


des weiteren habe ich scans über dei kapersky rescue cd durchgeführt.
jedoch konnte mir diese nicht weiterhelfen :-(
hat andere Sachen gemeldet, welche ich bereinigt habe.
Jedoch gegen das beschriebene war dies auch keine Hilfe! :-(
Ich weiss dass ich mich wiederhole, jedoch bin ich inzwischen ziemlich am verzweifeln. :-(

Ich danke euch schonmal vorab für Lösung für dieses Problem.

Mfg
Jake555

Alt 13.10.2010, 18:25   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Standard

TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht



Hallo und

hast Du schon Malwarebytes ausgeführt? Wenn ja bitte alle Logs davon posten

Wenn nicht => Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!
__________________

__________________

Alt 13.10.2010, 18:26   #3
Jake555
 
TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Standard

TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht



werde ich sofort durchführen
__________________

Alt 13.10.2010, 20:35   #4
Jake555
 
TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Standard

TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht



jetzt will er nicht mehr richtig ins win7 starten. :-(
schwarzer bildschirm und maus sind zu sehen.
hat jemand ne idee?

bin per we3b funktion von meinem vaio unterwegs.
aber mehr als web ist da auch nicht möglich. :-(

Alt 14.10.2010, 07:30   #5
Jake555
 
TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Standard

TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht



Leider hat mir die Reparaturmassnahme von Malwarebytes das System zerschossen. :-(

Somit habe ich es aufgegeben, weil ich dringend den Rechner nach dem WE komplett (mit allen Progs) benötige.
System partition platt gemacht. Daten partition da gelassen und WIN7 neu installiert. Avira auch inzwischen installiert und habe keine TR Meldung mehr bekommen. Nun nur meine progs installieren und alles wird wieder gut.

Trotzdem danke für eure Ratschläge.

SEe YEah


Antwort

Themen zu TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht
.dll, adblock, avgntflt.sys, bho, cdburnerxp, components, computer, conduit, conhost.exe, corp./icp, data restore, defender, ebay, einstellungen, entfernen, error, excel.exe, extras.txt, firefox, firefox.exe, focus, fontcache, ftp, generic, getwindowinfo, home, home premium, iastor.sys, install.exe, jdownloader, kaspersky rescue, liveupdate.exe, loswerden, microsoft office word, mozilla, mp3, nvidia, nvstor.sys, office 2007, opera, otl.exe, programdata, realtek, rescue cd, saver, scan, sched.exe, security update, software, spam, start menu, studio, system, system neu, taskhost.exe, tr/spy., trojaner, ucash, version., video converter, visual studio, vlc media player, webcheck, windows, winpcap packet driver, write



Ähnliche Themen: TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht


  1. ich bekomme odir.org nicht vom verlauf gelöscht
    Log-Analyse und Auswertung - 18.01.2014 (19)
  2. Bekomme Snap.Do nicht gelöscht!
    Log-Analyse und Auswertung - 07.06.2013 (19)
  3. Bekomme 2 Objekte mit Malwarebytes nicht gelöscht ?
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (41)
  4. W32/Generic.worm!p2p, W32.Patched.UB. Fehlermeldung beim Start von Windows und Virus den ich nicht gelöscht bekomme.
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (4)
  5. Bekomme Mail mit Trojaneranhang in Thunderbird nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 01.08.2012 (9)
  6. Virusbefall explorer.exe mit TR/Spy.2614272.6 und wininit.exe/TR.Spy.96256.37
    Plagegeister aller Art und deren Bekämpfung - 05.11.2010 (5)
  7. TR/Spy.2614272.4 und TR/Spy.96256.33 machen mir Sorgen...
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (15)
  8. TR/Spy.96256.32
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (1)
  9. bekomme ein virus nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 22.03.2009 (0)
  10. Hilfe bekomme virus nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 08.01.2009 (1)
  11. Habe irgendwelche Plagegeister und auch schon diverse gelöscht trotzdem bekomme ich
    Plagegeister aller Art und deren Bekämpfung - 21.03.2008 (3)
  12. Wie bekomme ich WORN/Ntech.Z.4 gelöscht? Kann mir jemand helfen?
    Plagegeister aller Art und deren Bekämpfung - 11.02.2008 (16)
  13. Bekomme Trojaner nicht gelöscht
    Log-Analyse und Auswertung - 15.01.2008 (0)
  14. Trojanisches Pferd TR/Crypt.XPACK.Gen , bekomme diesen Trojaner nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 04.10.2007 (4)
  15. Hilfe bekomme Virus nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 13.09.2007 (7)
  16. DSO Exploid mit sybot serch&destroy gefunden. bekomme es aber nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 01.02.2005 (2)
  17. bekomme Viren nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 26.12.2004 (3)

Zum Thema TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht - Hallo Leute, Google und hier das Forum (SuFu schon benutzt) konnte mir mit den bisherigen Beiträgen nicht helfen. Leider wurde diese Version des TR noch nicht hier gemeldet. Bei google - TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht...
Archiv
Du betrachtest: TR/spy.2614272.4 und TR/spy.96256.33 bekomme ich nicht gelöscht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.