"Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert" ("The computer has been blocked for violating the laws of the Federal Republic of Germany")

Hello, I have caught a lock-screen trojan that covers the entire screen and demands a payment of €100 via Ukash. I have already run an OTL scan; the log is here:

OTL logfile created on: 25.07.2012 17:50:23 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Jawad Bishara\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19170) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 83,17% Memory free 6,13 Gb Paging File | 5,83 Gb Available in Paging File | 95,06% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 360,73 Gb Total Space | 214,33 Gb Free Space | 59,42% Space Free | Partition Type: NTFS Computer Name: JAWADBISHARA-PC | User Name: Jawad Bishara | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jawad Bishara\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\HelpPane.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - \\?\globalroot\systemroot\system32\mswsock.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Win32 Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll () SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.271\McCHSvc.exe (McAfee, Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG) SRV - (WTGService) -- C:\Programme\XSManager\WTGService.exe () SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) 
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation) SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) 
Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (cncuhg) -- System32\drivers\qyhcwmuy.sys File not found DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (cmnsusbser) -- C:\Windows\System32\drivers\cmnsusbser.sys (Mobile Connector) DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (ISODrive) -- C:\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.) 
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab) DRV - (GTUQBUS) -- C:\Windows\System32\drivers\gtuqbus.sys (Option N.V.) DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.) DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = {19E9452E-77E6-48AA-BBAB-3D81852794D0} IE - HKLM\..\SearchScopes\{19E9452E-77E6-48AA-BBAB-3D81852794D0}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1425416 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {f228c6a4-a593-4017-944c-4e7958fb3177} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {19E9452E-77E6-48AA-BBAB-3D81852794D0} IE - HKCU\..\SearchScopes\{19E9452E-77E6-48AA-BBAB-3D81852794D0}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=8js9rdqdSLwPZf4ZV4wIWXglnT8?q={searchTerms} IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1425416 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.04.09 18:28:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.14 17:45:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components [2012.07.14 11:09:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins [2012.04.19 18:57:23 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.14 17:45:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components [2012.07.14 11:09:56 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins [2012.04.19 18:57:23 | 000,000,000 | ---D | M] [2011.04.02 16:47:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jawad Bishara\AppData\Roaming\mozilla\Extensions [2011.04.02 16:47:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jawad Bishara\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.05.02 18:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jawad Bishara\AppData\Roaming\mozilla\Firefox\Profiles\ylqmfywt.default\extensions [2011.03.25 22:34:03 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Jawad 
Bishara\AppData\Roaming\mozilla\Firefox\Profiles\ylqmfywt.default\extensions\plugin2@gameplaylabs.com O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F228C6A4-A593-4017-944C-4E7958FB3177} - No CLSID value found. O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) 
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jawad Bishara\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKCU..\Run: [olatbr] C:\Users\Jawad Bishara\AppData\Roaming\olatbr.dll (DT Soft Ltd) O4 - HKCU..\Run: [Oqegynsuxi] C:\Users\Jawad Bishara\AppData\Roaming\Eregs\tyehw.exe () O4 - HKCU..\Run: [XpsPrint] C:\Users\Jawad Bishara\AppData\Local\Microsoft\Windows\1401\XpsPrint.exe () O4 - HKCU..\Run: [XSECVA] C:\Users\Jawad Bishara\AppData\Roaming\xsecva\xsecva.exe () O4 - Startup: C:\Users\Jawad Bishara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Jawad Bishara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winmpa.exe () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program 
Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - 
Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2368DD2-1C39-40ED-867C-596C6B1ECB71}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\r3hook.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: 
UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{17aedf48-bf20-11de-9465-00214f4b9b60}\Shell - "" = AutoRun O33 - MountPoints2\{17aedf48-bf20-11de-9465-00214f4b9b60}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{17aedf62-bf20-11de-9465-00214f4b9b60}\Shell - "" = AutoRun O33 - MountPoints2\{17aedf62-bf20-11de-9465-00214f4b9b60}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{2507792c-c167-11de-8cb3-00114322daec}\Shell - "" = AutoRun O33 - MountPoints2\{2507792c-c167-11de-8cb3-00114322daec}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{3eceaaa0-4331-11e0-88dd-001e101fb45e}\Shell - "" = AutoRun O33 - MountPoints2\{3eceaaa0-4331-11e0-88dd-001e101fb45e}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{46c7c577-4f8f-11de-a8de-0040d0434d18}\Shell - "" = AutoRun O33 - MountPoints2\{46c7c577-4f8f-11de-a8de-0040d0434d18}\Shell\AutoRun\command - "" = H:\LaunchU3.exe O33 - MountPoints2\{559ef1e5-cd0a-11de-9bee-00114322daec}\Shell - "" = AutoRun O33 - MountPoints2\{559ef1e5-cd0a-11de-9bee-00114322daec}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{a8a4e96c-cc08-11df-aaa3-001e101f36d9}\Shell - "" = AutoRun O33 - MountPoints2\{a8a4e96c-cc08-11df-aaa3-001e101f36d9}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{d0a71eea-d06f-11df-bd9b-001e101f4da1}\Shell - "" = AutoRun O33 - 
MountPoints2\{d0a71eea-d06f-11df-bd9b-001e101f4da1}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{dcac66f8-6be2-11de-8aec-0040d0434d18}\Shell - "" = AutoRun O33 - MountPoints2\{dcac66f8-6be2-11de-8aec-0040d0434d18}\Shell\AutoRun\command - "" = I:\start.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.07.25 17:11:43 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jawad Bishara\Desktop\OTL.exe [2012.07.24 23:08:13 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Roaming\Zugak [2012.07.24 23:08:13 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Roaming\Zudoyv [2012.07.24 23:08:13 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Roaming\Eregs [2012.07.24 23:08:03 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Roaming\hellomoto [2012.07.22 16:48:04 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{9D3A2FDB-EBB3-4720-B0D3-5B1D53CB293B} [2012.07.21 13:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012.07.21 13:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2012.07.21 13:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 7.0 [2012.07.21 13:38:14 | 000,147,984 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2012.07.21 12:17:00 | 000,000,000 | ---D | C] -- C:\Program 
Files\SaferSurf [2012.07.21 12:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Nutzwerk [2012.07.21 12:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012.07.21 12:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012.07.21 12:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2012.07.20 18:56:43 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2012.07.20 18:12:20 | 000,142,336 | ---- | C] (DT Soft Ltd) -- C:\Users\Jawad Bishara\AppData\Roaming\olatbr.dll [2012.07.20 18:12:17 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Roaming\xsecva [2012.07.14 11:04:00 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{E4300E4A-CC2B-4BE4-93D5-FEEDD090ED11} [2012.07.14 11:03:37 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{CBD0B5C0-B280-46F2-92BC-41A4FCCE352D} [2012.07.08 11:29:53 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{AD182243-64D7-47C8-AE85-DCF4631126AB} [2012.07.08 11:29:32 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{D5C1F78C-AA11-4C27-B3ED-015BEFB80E88} [2012.07.08 11:15:04 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\AppData\Local\{B500FE5B-9750-4698-946D-5FDE885A9AB8} [2012.07.04 22:32:32 | 000,000,000 | ---D | C] -- C:\Users\Jawad Bishara\Desktop\fluggraaammmmmmmmmmmmm ========== Files - Modified Within 30 Days ========== [2012.07.25 17:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.25 17:44:22 | 000,000,099 | ---- | M] () -- C:\Windows\Brownie.ini [2012.07.25 17:44:03 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.25 17:43:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.25 17:43:55 | 000,003,616 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.25 17:42:34 | 000,001,108 | ---- | M] () -- C:\Users\Jawad Bishara\Desktop\logfile malware [2012.07.25 17:11:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jawad Bishara\Desktop\OTL.exe [2012.07.24 23:25:53 | 000,043,008 | ---- | M] () -- C:\Windows\System32\umstartup.etl [2012.07.24 23:08:12 | 000,254,976 | ---- | M] () -- C:\Users\Jawad Bishara\0.9346447002192098.exe [2012.07.24 22:52:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.24 22:42:59 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.24 21:55:12 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FEC5CBEB-A5AC-40F8-BCC2-D87CA84FE8EA}.job [2012.07.24 00:17:36 | 166,479,904 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat [2012.07.22 23:43:55 | 001,618,772 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx [2012.07.22 23:43:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.07.22 20:21:35 | 000,000,574 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jawad Bishara.job [2012.07.21 13:40:13 | 000,091,700 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2012.07.21 13:40:13 | 000,085,860 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2012.07.21 13:38:14 | 000,147,984 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2012.07.21 12:12:07 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.07.21 12:12:07 | 000,001,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.07.20 18:12:20 | 000,142,336 | ---- | M] (DT Soft Ltd) -- C:\Users\Jawad Bishara\AppData\Roaming\olatbr.dll [2012.06.30 13:34:37 | 000,052,364 | ---- | M] () -- C:\Users\Jawad Bishara\Desktop\playlist.xps [2012.06.28 15:25:20 | 000,628,742 | ---- | M] 
() -- C:\Windows\System32\perfh007.dat [2012.06.28 15:25:20 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.06.28 15:25:20 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.06.28 15:25:20 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat ========== Files Created - No Company Name ========== [2012.07.25 17:42:34 | 000,001,108 | ---- | C] () -- C:\Users\Jawad Bishara\Desktop\logfile malware [2012.07.24 23:08:10 | 000,254,976 | ---- | C] () -- C:\Users\Jawad Bishara\0.9346447002192098.exe [2012.07.21 13:40:13 | 000,091,700 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2012.07.21 13:40:13 | 000,085,860 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2012.07.21 13:38:41 | 166,479,904 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat [2012.07.21 13:38:41 | 001,618,772 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.idx [2012.07.21 12:12:07 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.07.21 12:11:59 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.07.21 10:03:59 | 000,232,960 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\00000008.@ [2012.07.21 10:03:59 | 000,092,160 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\80000032.@ [2012.07.21 10:03:59 | 000,000,804 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\L\00000004.@ [2012.07.21 10:03:48 | 000,013,312 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\80000000.@ [2012.07.21 10:03:47 | 000,002,048 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\00000004.@ [2012.07.21 10:03:47 | 000,001,632 | ---- | C] () -- C:\Users\Jawad 
Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\000000cb.@ [2012.07.20 18:46:35 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\00000008.@ [2012.07.20 18:46:33 | 000,092,160 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\80000032.@ [2012.07.20 18:46:33 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\L\00000004.@ [2012.07.20 18:46:18 | 000,013,312 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\80000000.@ [2012.07.20 18:46:17 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\00000004.@ [2012.07.20 18:46:17 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\U\000000cb.@ [2012.06.30 13:34:36 | 000,052,364 | ---- | C] () -- C:\Users\Jawad Bishara\Desktop\playlist.xps [2012.01.28 14:35:11 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{955007ae-2a81-c4a1-2057-7a6558843f30}\@ [2012.01.28 14:35:11 | 000,002,048 | -HS- | C] () -- C:\Users\Jawad Bishara\AppData\Local\{955007ae-2a81-c4a1-2057-7a6558843f30}\@ [2010.10.14 17:32:39 | 000,181,904 | ---- | C] () -- C:\Windows\hpoins44.dat [2009.06.17 20:36:42 | 000,000,600 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\PUTTY.RND [2009.03.19 19:57:12 | 000,000,000 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Roaming\wklnhst.dat [2009.01.09 02:15:47 | 000,032,256 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.08 21:14:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.01.08 20:20:53 | 000,002,032 | ---- | C] () -- C:\Users\Jawad Bishara\AppData\Local\d3d9caps.dat ========== LOP Check ========== [2009.01.26 23:26:08 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Bytemobile [2012.07.24 23:08:13 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Eregs 
[2012.07.24 23:08:19 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\hellomoto [2009.01.09 20:59:07 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\ICQ [2010.03.01 20:37:02 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\InterTrust [2011.10.24 21:00:05 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\JAM Software [2011.05.19 19:22:51 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\LowRateVoip [2009.05.20 01:45:42 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Opera [2012.03.24 16:24:38 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\PoivY [2009.03.19 19:57:13 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Template [2011.04.02 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\TomTom [2009.01.26 23:33:46 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Vodafone [2011.08.08 19:40:57 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\VoipBlast [2011.02.05 12:07:48 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\VoipBuster [2012.05.05 15:08:36 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\WindSolutions [2012.07.21 10:10:13 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\xsecva [2010.12.07 18:48:58 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\XSManager [2012.07.24 23:11:10 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Zudoyv [2012.07.24 23:08:13 | 000,000,000 | ---D | M] -- C:\Users\Jawad Bishara\AppData\Roaming\Zugak [2010.10.12 17:27:08 | 000,653,312 | ---- | M] () -- C:\Windows\Tasks\d1.exe [2011.01.02 22:49:41 | 000,054,784 | ---- | M] () -- C:\Windows\Tasks\d2.exe [2010.06.17 18:46:06 | 000,000,090 | ---- | M] () -- C:\Windows\Tasks\ID.Conf [2012.07.22 23:43:31 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.04.03 
18:38:32 | 000,151,040 | ---- | M] (hxxp://sharppcap.sf.net) -- C:\Windows\Tasks\SharpPcap.dll [2012.07.24 21:55:12 | 000,000,442 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{FEC5CBEB-A5AC-40F8-BCC2-D87CA84FE8EA}.job [2011.04.03 20:27:58 | 000,443,655 | ---- | M] () -- C:\Windows\Tasks\wpcap.exe [2010.08.19 15:17:50 | 000,060,928 | ---- | M] () -- C:\Windows\Tasks\y.exe ========== Purity Check ========== < End of report >

And here is the log from OTL EXTRA:

OTL Extras logfile created on: 25.07.2012 17:50:23 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Jawad Bishara\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19170) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 83,17% Memory free 6,13 Gb Paging File | 5,83 Gb Available in Paging File | 95,06% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 360,73 Gb Total Space | 214,33 Gb Free Space | 59,42% Space Free | Partition Type: NTFS Computer Name: JAWADBISHARA-PC | User Name: Jawad Bishara | Logged in as Administrator. 
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 8\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{018F8F57-B46B-B9B9-C452-DE8F5618434F}" = Catalyst 
Control Center Graphics Full Existing "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07C93E59-2DE3-1565-28A9-8C848B26D0F5}" = CCC Help German "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0A6F9244-8C79-1296-3A43-097F67EB666A}" = Catalyst Control Center Localization Dutch "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1790FDA2-938F-C886-8988-1ECB74E45517}" = Catalyst Control Center Localization Norwegian "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1C815731-19F3-0770-8776-D78D6BEBC291}" = Catalyst Control Center Localization Hungarian "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1EC06E70-BE43-DAAA-A217-E5C98869B1F8}" = Catalyst Control Center Localization Greek "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = 
Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{248e4799-db04-4b1a-902c-194669f995ce}" = Nero Move it "{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}" = ATI Catalyst Install Manager "{25BA8D5A-228A-7192-6FA1-890D9F1C679F}" = CCC Help Korean "{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B311FB9-5B6A-328C-D7AE-2445D639D886}" = CCC Help Norwegian "{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D333C7C-102B-F474-9524-72AAA3F292B8}" = Catalyst Control Center Localization Danish "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0 "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4529BC6B-16AE-6829-4946-36C33DBF8DD1}" = Catalyst Control Center Localization French "{46D7A7FB-305B-F77D-60F8-8FAE1C432374}" = 
Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox "{527EB2A4-BF51-B1B6-3F09-2032A861548E}" = Catalyst Control Center Graphics Light "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{55C0F7C1-8B6D-CBBD-2B88-EE7261A87254}" = CCC Help Greek "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{629FD96D-5877-0832-2D31-0EFE781F870D}" = CCC Help Portuguese "{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{652C5DED-9B9F-93D0-5E94-931B8C38EF0E}" = Catalyst Control Center Localization Thai "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{6A54CB6A-59D1-6A3A-08F3-E34ECF8905A9}" = Catalyst Control Center Graphics Previews Vista "{6AA6EEA5-BF09-932B-AC25-0E9CCA4B709A}" = CCC Help Danish "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform 
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6C4EF0CA-A9DD-96CF-B722-CCDEB589DD26}" = Catalyst Control Center Localization Chinese Traditional "{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{711D43D7-24FE-A2B7-CC52-A48BCAAF3926}" = Catalyst Control Center Graphics Previews Common "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{73496381-83C9-7BE6-6EB6-4CF97C00E5FD}" = CCC Help Polish "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79BBD55C-9FF6-D496-8AE6-E2EC2829F974}" = Catalyst Control Center Localization Czech "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7CC28423-465C-F4B9-9379-343DF715BE62}" = CCC Help Swedish "{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting "{80828DF5-270E-F8E6-6274-55ACA4C7E229}" = Catalyst Control Center Localization Japanese "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4 "{84037798-D63A-F5CA-9FB2-829B362BF712}" = CCC Help Finnish "{8470A1D9-536E-C7C1-AE2D-24B739B1665A}" = Catalyst Control Center Localization Russian "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{882683C6-8B60-5CBC-38A8-55ED185FD975}" = CCC Help 
Turkish "{8843C5E1-51E5-DFA6-1AD8-757C8DCA7E37}" = CCC Help Russian "{88C596E4-6882-8E76-EBEF-AB739F5A3B69}" = Catalyst Control Center Localization Italian "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story "{8C467DE1-6E04-0888-B281-172909C96F37}" = Skins "{8C7FB08D-7A84-22E0-F553-F6B827023E17}" = CCC Help Chinese Traditional "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) 
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93F32124-BB54-C599-CF55-E1E57565BCE3}" = CCC Help Czech "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96C951BB-47C8-8497-78F0-7D8D328B58E3}" = Catalyst Control Center Localization Portuguese "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music "{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2 "{99D8CD4E-A5D2-A9DF-A152-B28EB5A71F85}" = Catalyst Control Center Localization German 
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}" = ccc-core-static "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA75988E-9EC1-EECE-CE00-D5D935974528}" = CCC Help Dutch "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch "{ACB5FD4A-6C58-972C-180C-9677C037E71D}" = Catalyst Control Center Localization Chinese Standard "{ADBDB038-FF77-C672-04A1-7A0E67E8C73C}" = Catalyst Control Center Core Implementation "{ADECE95F-585D-8B33-BF50-53C2BDA1E241}" = Catalyst Control Center Localization Korean "{AE0FBCB5-3193-4583-C6CB-AA96F307EA70}" = ccc-utility "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{AFF10119-F154-4888-77F3-B149DE987976}" = Catalyst Control Center Localization Polish "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles 
Can someone please help me? What should I do? Many thanks in advance. |
:hallo:
Fixing with OTL
Download OTL by OldTimer (if you don't already have it) and save it to your desktop (not anywhere else).
Code: :Processes
Note for other readers: The OTL script above was created exclusively for this user in this situation. Under no circumstances apply it on other computers; that can cause lasting damage to other systems! |
I did everything exactly as you wrote. The computer restarted without that "der computer ist..." screen, but now it shows a blank screen. I started in safe mode, then the errors began, and now the wireless internet is no longer detected. Regards |
Where is the log file? Start the computer normally! |
I started it normally, and only a blank white screen came up. I can't post the log file here now because I no longer have an internet connection. I'm writing here from my phone. What can I do? |
How do you connect to the internet? |
I'm posting from my phone |
I'm talking about the PC! |
What do you mean now? What can I do? Can it still be saved, or do I have to format? |
I mean, how do you connect to the internet? Wi-Fi router? Cable? How? |
Internet connection via Wi-Fi |
And what exactly is the problem? |
The laptop no longer detects any Wi-Fi and can't find the router since the fix with OTL |
Check in Device Manager whether the Wi-Fi card is listed there. |
Yes, I already looked, and it says everything is in order and working properly, but when I search for Wi-Fi I don't find any |