Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet sehr langsam brauche dringend Hilfe (https://www.trojaner-board.de/96070-internet-sehr-langsam-brauche-dringend-hilfe.html)

T.C 1 26.02.2011 13:26
Internet sehr langsam brauche dringend Hilfe
 
Hallo,

bin neu hier und brauche dringend eure Hilfe.Habe seit ca.7 Tagen eine sehr schlechte Internetverbindung (aufbau von Seiten dauert gefühlte Jahre).Habe antivir,Adaware und Spyboot ohne Erfolg/Fund durchlaufen lassen.Auch Datenträgerbereinigung,Defragmentierung und Systemwiederherstellung ohne Erfolg durchgeführt. Habe hier von hijackthis gelesen und bei chip runtergeladen.Da ich in solchen Sachen keine Kenntnisse habe ( welch Wunder ;) ) und gelesen habe das damit wichtige Sachen geändert werden können habe ich nur Durchlaufen lassen.MAnchmal funktioniert alles einwandfrei und nach dem nächsten Neustart ist alles wieder Lahm.Das Problem habe ich am Laptop,am Pc ist alles in Ordnung.Habe auch direkt über Lan versucht mit gleichem Ergebniss.Auch bei Nutzung bei Freunden (also Fremder Router und Netz)ist alles Lahm.Habe seit Tagen gegoogelt und auch in Anderen Foren nach Hilfe gesucht,ohne Erfolg.Das Komplette System neu aufsetzen ist die Möglichkeit die ich versuche (wenig Kenntnisse,OEM Version usw.)zu Umgehen.

Brauche dringend eure Hilfe damit ich mit dem Laptop wieder ohne Frust arbeiten kann.

Was kann ich tun,wie soll ich vorgehen?

Danke euch schon mal für eure Mühen und eure Geduld.
MfG Ayhan

Kann mir wirklich:headbang: Keiner helfen?????:headbang:

cosinus 28.02.2011 14:30
http://www.trojaner-board.de/images/icons/icon4.gif Bitte beachten http://www.trojaner-board.de/images/icons/icon4.gif => http://www.trojaner-board.de/95173-b...es-posten.html und http://www.trojaner-board.de/69886-a...-beachten.html

T.C 1 28.02.2011 15:05


Danke für Deinen Beitrag. Wie soll ich Ihn verstehen ? Habe ich was übersehen ?

cosinus 28.02.2011 17:02
Zitat:
Danke für Deinen Beitrag. Wie soll ich Ihn verstehen ? Habe ich was übersehen ?
Kannst du lesen? Kannst du auf die Links klicken? :balla:

T.C 1 28.02.2011 18:24
Zitat:
Zitat von cosinus (Beitrag 625532)
Kannst du lesen? Kannst du auf die Links klicken? :balla:
Wen Du mir helfen willst bin ich Dir dankbar,dann nimm Dir bitte die Zeit und sag (schreib ) was Du meinst. Habe diese Prog. bis auf eins ,was ich nicht verstanden habe,ausgeführt .Es gab keine (für mich ersichtlichen )Ergebnisse.
Interpretierst Du aus meinem Namen das ich nicht lesen kann ??? Oder ist es Deine übliche Art so herablassend zu sein??
Danke für Deine Mühen .

MfG
Ayhan

cosinus 28.02.2011 20:39
Zitat:
dann nimm Dir bitte die Zeit und sag (schreib ) was Du meinst
Und du möchtest dir Zeit nehmen, die verlinkten Hinweise zu lesen.
Was soll das hier sonst werden? Soll ich den ganzen Kram nochmal abtippen, wenn alles wichtige da schon steht?? :stirn:

T.C 1 01.03.2011 16:43
OTL Logfile:
Code:
OTL logfile created on: 01.03.2011 16:08:54 - Run 2
OTL by OldTimer - Version 3.2.22.1    Folder = C:\Users\????\Desktop\MFTools
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,83 Gb Total Space | 356,94 Gb Free Space | 78,48% Space Free | Partition Type: NTFS
 
Computer Name: NILGÜN-VAIO | User Name: ???? | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nilgün\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe (Lingoes Project)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\IncrediMail\bin\IMApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Nilgün\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Lingoes\Translator2\opentext2.dll ()
MOD - C:\Program Files (x86)\IncrediMail\bin\B4ImApp.dll (Babylon Ltd.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) -- C:\Windows\SysNative\drivers\tdrpm251.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (oodivdh) -- C:\Windows\SysNative\drivers\oodivdh.sys (O&O Software GmbH)
DRV:64bit: - (oodivd) -- C:\Windows\SysNative\drivers\oodivd.sys (O&O Software GmbH)
DRV:64bit: - (oodisrh) -- C:\Windows\SysNative\drivers\oodisrh.sys (O&O Software GmbH)
DRV:64bit: - (oodisr) -- C:\Windows\SysNative\drivers\oodisr.sys (O&O Software GmbH)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR_CFS) -- C:\Windows\SysNative\drivers\jmcr_cfs.sys (JMicron Technology Corporation)
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:64bit: - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:64bit: - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?searchsource=10&ctid=ct2476266
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\URLSearchHook: {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.internetcologne.de/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.6
FF - prefs.js..keyword.URL: "hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com [2010.06.29 09:19:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.02.12 20:07:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.23 08:41:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.23 08:41:48 | 000,000,000 | ---D | M]
 
[2009.12.17 20:14:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Extensions
[2011.02.28 14:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.02.23 08:41:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\DTToolbar@toolbarnet.com
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\personas@christopher.beard
[2011.02.26 20:26:21 | 000,000,000 | ---D | M] (Feedback) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\testpilot@labs.mozilla.com
[2011.02.28 14:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.05.03 14:08:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.29 09:19:07 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\PROGRAM FILES (X86)\AUTOCOMPLETEPRO\SUPPORT@PREDICTAD.COM
[2011.02.12 20:07:04 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM
[2010.05.03 14:08:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.25 16:09:29 | 000,430,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        123fporn.info
O1 - Hosts: 14806 more lines...
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Oryte Games 1.9 Toolbar) - {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Oryte Games 1.9 Toolbar) - {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Oryte Games 1.9 Toolbar) - {E7F88E02-0C78-48A1-86D2-82D8865DE2DF} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [Lingoes] C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe (Lingoes Project)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.173.194.76 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.27 19:12:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.02.27 19:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.02.27 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.02.27 19:03:02 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Desktop\MFTools
[2011.02.25 22:16:53 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\PCFix
[2011.02.24 11:30:28 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\Protector Suite
[2011.02.24 11:15:28 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2011.02.24 11:15:28 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2011.02.24 11:00:47 | 000,000,000 | ---D | C] -- C:\Click to Disc
[2011.02.24 10:27:44 | 000,000,000 | ---D | C] -- C:\Update
[2011.02.24 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Mozila Fav
[2011.02.23 10:03:13 | 000,000,000 | ---D | C] -- C:\Programme\OO Software
[2011.02.23 08:55:54 | 000,000,000 | ---D | C] -- C:\Programme\PC Beschleunigen
[2011.02.23 07:42:02 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 07:42:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 07:42:01 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 07:42:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.22 12:55:39 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\Malwarebytes
[2011.02.22 12:52:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.22 12:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.22 12:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.22 12:52:25 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.22 12:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.22 10:49:46 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Prog
[2011.02.21 11:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.02.21 11:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.02.21 11:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.02.21 09:16:38 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\QuickScan
[2011.02.18 22:20:08 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Avira
[2011.02.18 22:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.18 22:16:27 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.18 22:16:27 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.18 22:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.18 21:18:12 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA0.DLL
[2011.02.18 21:15:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2011.02.18 20:16:47 | 000,573,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.02.18 20:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure
[2011.02.18 20:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2011.02.18 20:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2011.02.17 10:46:18 | 006,952,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys
[2011.02.17 10:46:18 | 002,747,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NETw5r64.dll
[2011.02.17 10:46:18 | 000,787,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NETw5c64.dll
[2011.02.17 10:45:05 | 000,592,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipcoin80.dll
[2011.02.17 10:36:11 | 000,501,536 | ---- | C] (Marvell) -- C:\Windows\SysNative\yk62x64.dll
[2011.02.17 10:36:11 | 000,402,720 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
[2011.02.17 10:35:15 | 000,541,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuhda6.exe
[2011.02.17 10:35:15 | 000,084,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.02.17 10:35:15 | 000,062,976 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011.02.17 10:35:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.02.17 10:34:20 | 000,036,616 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2011.02.17 10:34:20 | 000,019,464 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2011.02.17 10:32:33 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2011.02.17 10:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011.02.17 09:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.02.17 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Uniblue
[2011.02.17 09:20:11 | 000,000,000 | ---D | C] -- C:\Users\?????AppData\Local\PackageAware
[2011.02.12 20:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite
[2011.02.12 20:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2011.02.12 20:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011.02.12 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.02.12 19:06:11 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Apple Computer
[2011.02.12 19:06:11 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Local\Apple Computer
[2011.02.12 19:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.10 07:58:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.10 07:58:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.10 07:57:59 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.10 07:57:59 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.10 07:57:59 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.10 07:57:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.10 07:57:59 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.10 07:57:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.10 07:57:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.10 07:57:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.10 07:57:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.10 07:57:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.10 07:57:51 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.10 07:57:51 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.10 07:57:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.10 07:57:49 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.10 07:57:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.10 07:57:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.10 07:57:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.10 07:57:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.10 07:57:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.10 07:57:46 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.10 07:57:46 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.10 07:57:42 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.10 07:57:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.10 07:57:42 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.10 07:57:39 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.10 07:57:39 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.10 07:57:38 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.10 07:57:38 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.10 07:57:37 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.10 07:57:37 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.10 07:57:37 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.10 07:57:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.06 10:47:20 | 000,000,000 | ---D | C] -- C:\Users\?????\Neuer Ordner
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.01 16:06:40 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.01 16:06:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011.03.01 16:06:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.01 16:06:00 | 3195,318,272 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.01 16:05:17 | 008,126,464 | ---- | M] () -- C:\Users????\ntuser.dat
[2011.03.01 16:05:09 | 006,240,578 | -H-- | M] () -- C:\Users\?????\AppData\Local\IconCache.db
[2011.03.01 15:31:03 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 15:31:03 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 15:30:40 | 001,512,234 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.01 15:30:40 | 000,659,310 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.01 15:30:40 | 000,620,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.01 15:30:40 | 000,131,890 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.01 15:30:40 | 000,108,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.01 15:28:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.27 22:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.27 22:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.27 22:03:36 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TM.blf
[2011.02.27 19:44:28 | 008,126,464 | ---- | M] () -- C:\Users\????\ntuser.bak
[2011.02.27 19:11:08 | 000,000,884 | ---- | M] () -- C:\Users\?????\Desktop\NTREGOPT.lnk
[2011.02.27 19:11:08 | 000,000,865 | ---- | M] () -- C:\Users\?????\Desktop\ERUNT.lnk
[2011.02.25 16:09:29 | 000,430,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.02.23 08:32:43 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.23 08:32:43 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.23 08:32:43 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TM.blf
[2011.02.22 13:21:29 | 000,015,292 | ---- | M] () -- C:\Users\Public\Documents\cc_20110222_132120.reg
[2011.02.22 12:52:29 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.22 10:17:52 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\AutoPartNt.let
[2011.02.22 10:16:34 | 003,704,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\AutoPartNt.exe
[2011.02.19 13:38:20 | 000,001,289 | ---- | M] () -- C:\Users\?????\Desktop\Acronis*True*Image*Home.lnk
[2011.02.18 20:21:45 | 000,042,664 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.18 20:16:51 | 001,549,124 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.18 20:15:34 | 000,573,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.02.17 22:06:09 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 22:06:09 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 22:06:09 | 000,065,536 | -HS- | M] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TM.blf
[2011.02.17 15:42:49 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 15:42:49 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-
3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 15:42:49 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TM.blf
[2011.02.17 13:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 13:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 13:19:14 | 000,065,536 | -HS- | M] () -- C:\Users\??????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TM.blf
[2011.02.17 10:46:18 | 006,952,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys
[2011.02.17 10:46:18 | 002,747,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\NETw5r64.dll
[2011.02.17 10:46:18 | 000,787,456 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\NETw5c64.dll
[2011.02.17 10:45:05 | 000,592,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ipcoin80.dll
[2011.02.17 10:36:11 | 000,501,536 | ---- | M] (Marvell) -- C:\Windows\SysNative\yk62x64.dll
[2011.02.17 10:36:11 | 000,402,720 | ---- | M] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
[2011.02.17 10:35:15 | 000,541,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2011.02.17 10:35:15 | 000,541,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuhda6.exe
[2011.02.17 10:35:15 | 000,171,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2011.02.17 10:35:15 | 000,084,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.02.17 10:35:15 | 000,062,976 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011.02.17 10:35:15 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.02.17 10:35:15 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\nvhda.nvu
[2011.02.17 10:34:20 | 000,036,616 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2011.02.17 10:34:20 | 000,019,464 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2011.02.17 10:32:33 | 000,132,648 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2011.02.17 09:33:51 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 09:33:51 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 09:33:51 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TM.blf
[2011.02.13 14:02:23 | 000,050,688 | ---- | M] () -- C:\Windows\SysNative\KCDSMSNO.DLL
[2011.02.10 13:49:56 | 002,386,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.08 13:55:21 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
 
========== Files Created - No Company Name ==========
 
[2011.02.27 19:46:00 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.27 19:46:00 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.27 19:46:00 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TM.blf
[2011.02.27 19:11:08 | 000,000,884 | ---- | C] () -- C:\Users\?????\Desktop\NTREGOPT.lnk
[2011.02.27 19:11:08 | 000,000,865 | ---- | C] () -- C:\Users\?????\Desktop\ERUNT.lnk
[2011.02.24 11:43:12 | 000,002,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO-Support für Übertragungen.lnk
[2011.02.24 10:29:13 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011.02.23 08:46:56 | 006,240,578 | -H-- | C] () -- C:\Users\?????\AppData\Local\IconCache.db
[2011.02.23 08:25:33 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.23 08:25:33 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.23 08:25:33 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TM.blf
[2011.02.22 13:21:26 | 000,015,292 | ---- | C] () -- C:\Users\Public\Documents\cc_20110222_132120.reg
[2011.02.22 12:52:29 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.19 13:38:20 | 000,001,289 | ---- | C] () -- C:\Users\?????\Desktop\Acronis*True*Image*Home.lnk
[2011.02.18 20:17:22 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.17 18:47:28 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 18:47:28 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 18:47:28 | 000,065,536 | -HS- | C] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TM.blf
[2011.02.17 15:37:49 | 000,524,288 | -HS- | C] () -- C:\Users\Nilgün\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 15:37:49 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 15:37:49 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TM.blf
[2011.02.17 11:03:56 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 11:03:56 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 11:03:56 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TM.blf
[2011.02.17 10:35:15 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\nvhda.nvu
[2011.02.17 09:05:44 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 09:05:44 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 09:05:44 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TM.blf
[2011.02.13 14:02:23 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\KCDSMSNO.DLL
[2010.10.17 13:37:43 | 001,549,124 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.27 11:33:50 | 000,000,025 | ---- | C] () -- C:\Windows\CDEC66SeriesEuro.ini
[2010.07.11 08:06:25 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\unM9205.exe
[2010.07.11 08:06:25 | 000,021,201 | ---- | C] () -- C:\Windows\SysWow64\rm9205.exe
[2010.07.01 09:59:51 | 000,004,608 | ---- | C] () -- C:\Users\?????\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 10:31:29 | 000,000,495 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.03.08 21:34:17 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010.02.21 03:48:22 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.01.17 14:18:32 | 000,000,127 | ---- | C] () -- C:\Users\?????\AppData\Roaming\default.rss
[2010.01.17 14:16:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.17 13:34:13 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.01.14 10:01:21 | 000,000,017 | ---- | C] () -- C:\Users\?????\AppData\Local\resmon.resmoncfg
[2010.01.06 16:37:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Profiles
[2010.01.06 16:37:49 | 000,000,268 | RH-- | C] () -- C:\Users\?????\AppData\Roaming\Printer Icons
[2010.01.06 16:37:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.01.06 16:37:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Resources
[2009.12.25 10:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.16 18:38:33 | 000,123,440 | ---- | C] () -- C:\Users\?????\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.09.06 10:23:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.09.06 10:07:13 | 000,002,835 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009.07.14 03:34:57 | 000,000,510 | ---- | C] () -- C:\Windows\win.ini
[2009.07.14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 14:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 14:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2010.07.11 21:19:38 | 000,000,000 | -HSD | M] -- C:\Users\?????\AppData\Roaming\.#
[2011.01.07 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Acronis
[2009.12.16 19:31:04 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\BitDefender
[2010.06.16 07:52:00 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\Canon
[2010.02.25 19:48:14 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\DAEMON Tools Lite
[2010.02.09 20:20:48 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\DAEMON Tools Pro
[2010.07.11 08:27:49 | 000,000,000 | ---D | M] -- C:\Users?????\AppData\Roaming\DriverFinder
[2010.02.26 19:38:03 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Farm Mania
[2010.08.08 11:32:57 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Lingoes
[2010.01.06 16:54:10 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Nikon
[2010.06.01 11:54:08 | 000,000,000 | ---D | M] -- C:\Users?????\AppData\Roaming\Nokia
[2010.06.01 11:54:04 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\PC Suite
[2011.02.25 22:18:16 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\PCFix
[2011.02.24 11:30:28 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Protector Suite
[2011.02.21 09:17:07 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\QuickScan
[2010.03.27 17:18:53 | 000,000,000 | ---D | M] -- C:\Users\???????\AppData\Roaming\Spesoft Audio Converter
[2010.02.09 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\TuneUp Software
[2011.02.28 18:30:09 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\Uniblue
[2011.02.23 08:41:45 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Win7codecs
[2010.02.26 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Zylom
[2011.02.08 09:16:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:456A69E6

< End of report >
--- --- ---



Hoffe das bringt was.

cosinus 01.03.2011 20:50
Da fehlen Logfiles. Nochmal sag ich es nicht, dass du die Anleitung richtig lesen und umsetzen sollst. :balla:

T.C 1 01.03.2011 21:22
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:15:35
mbam-log-2011-03-01 (21-15-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167718
Laufzeit: 3 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

T.C 1 01.03.2011 21:33
OTL Extras logfile created on: 01.03.2011 16:01:27 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\?????\Desktop\MFTools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,83 Gb Total Space | 356,94 Gb Free Space | 78,48% Space Free | Partition Type: NTFS

Computer Name: NILGÜN-VAIO | User Name: ????? | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{3B4D3734-1C75-40bb-8C73-D6B00ECFF5C2}" = O&O DiskImage Express
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6)
"CCleaner" = CCleaner
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}" = Visual Studio C++ 9.0 Runtime
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0F55D046-3367-4C93-A419-4D17EFDC496C}" = Malen nach Zahlen 2
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15382D89-6EF6-4D21-9484-B500F2B10E46}" = PhotoMail Maker
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236135FC-78F2-44e7-883D-1D5671C8F4C7}" = JMicron JMB368 CF Host Controller Driver
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216017F0}" = Java(TM) 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3A1CF5-A2A0-4D80-8808-609C87FB33FE}_is1" = Bildschutz Pro 3.01
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings
"{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}" = MusicStation
"{52210D57-0B1F-4681-90DD-8659DF4BCC40}" = Moorhuhn Remake
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8466123B-2CBE-4809-8FAF-94D1F76BC4FE}" = AKVIS Chameleon
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{96b3347a-062c-4a89-85cd-32e7fd4ea3c3}" = Nero 9
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor



Falls das gemeint war muß ich mich wohl entschuldigen.Habe es missverstanden (es sollen keine Hijack this Log Files gepostet werden ,die Anderen sollen wohl hier rein.)

MfG
Ayhan

cosinus 01.03.2011 22:02
Zitat:
Art des Suchlaufs: Quick-Scan
Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

T.C 1 02.03.2011 19:17
Von eben mit Fund (schon entfernt):Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5934

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

02.03.2011 18:59:54
mbam-log-2011-03-02 (18-59-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 433623
Laufzeit: 1 Stunde(n), 23 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\win7codecs\Tools\settings32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.


ältere:Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:15:35
mbam-log-2011-03-01 (21-15-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167718
Laufzeit: 3 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:01:47
mbam-log-2011-03-01 (21-01-47).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167648
Laufzeit: 2 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5895

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.02.2011 19:54:06
mbam-log-2011-02-27 (19-54-06).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167423
Laufzeit: 3 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

habe auch eine log File von hijack this mit (sehr selten )funktionierendem und eine Log File mit jetzigem Internet Problem .Würden die vielleicht was bringen??
Danke

cosinus 02.03.2011 19:45
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

T.C 1 02.03.2011 20:20
Combofix Logfile:
Code:
ComboFix 11-03-02.01 - Nilgün 02.03.2011  20:03:34.1.2 - x64
ausgeführt von:: c:\users\Nilgün\Desktop\cofi.exe
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\users\Nilgün\AppData\Roaming\.#
c:\windows\system32\twunk_32.exe
c:\windows\SysWow64\twunk_32.exe

.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-02 bis 2011-03-02  ))))))))))))))))))))))))))))))
.

2011-03-02 19:08 . 2011-03-02 19:08        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-03-01 14:18 . 2011-02-11 07:30        7947600        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE0F4345-DE18-45EE-9FD7-181ED0593EBD}\mpengine.dll
2011-02-27 18:11 . 2011-02-27 18:11        --------        d-----w-        c:\program files (x86)\ERUNT
2011-02-25 21:16 . 2011-02-25 21:18        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\PCFix
2011-02-24 10:30 . 2011-02-24 10:30        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Protector Suite
2011-02-24 10:15 . 2010-01-25 07:37        504832        ----a-w-        c:\windows\system32\imapi2.dll
2011-02-24 10:15 . 2010-01-25 07:11        392192        ----a-w-        c:\windows\SysWow64\imapi2.dll
2011-02-24 10:00 . 2011-02-24 10:00        --------        d-----w-        C:\Click to Disc
2011-02-24 09:27 . 2011-02-24 14:11        --------        d-----w-        C:\Update
2011-02-24 08:23 . 2011-02-24 09:29        --------        d-----w-        c:\users\Nilgün\Mozila Fav
2011-02-23 10:50 . 2010-09-14 06:45        367104        ----a-w-        c:\windows\system32\wcncsvc.dll
2011-02-23 10:50 . 2010-09-14 06:07        276992        ----a-w-        c:\windows\SysWow64\wcncsvc.dll
2011-02-23 09:03 . 2011-02-23 09:03        --------        d-----w-        c:\program files\OO Software
2011-02-23 07:55 . 2011-02-23 08:06        --------        d-----w-        c:\program files\PC Beschleunigen
2011-02-23 06:42 . 2011-01-07 08:07        662528        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-02-23 06:42 . 2011-01-07 07:31        442880        ----a-w-        c:\windows\SysWow64\XpsPrint.dll
2011-02-23 06:42 . 2011-01-07 08:07        475648        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-02-23 06:42 . 2011-01-07 07:31        288256        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 11:55 . 2011-02-22 11:55        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Malwarebytes
2011-02-22 11:52 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-22 11:52 . 2011-02-22 11:52        --------        d-----w-        c:\programdata\Malwarebytes
2011-02-22 11:52 . 2011-03-02 17:59        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-22 11:52 . 2010-12-20 17:08        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-02-22 09:49 . 2011-02-24 08:28        --------        d-----w-        c:\users\Nilgün\Prog
2011-02-21 10:41 . 2011-03-01 16:20        --------        d-----w-        c:\programdata\Spybot - Search & Destroy
2011-02-21 10:41 . 2011-02-23 07:41        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy
2011-02-21 08:16 . 2011-02-21 08:17        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\QuickScan
2011-02-18 21:20 . 2011-02-18 21:20        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Avira
2011-02-18 21:16 . 2011-01-10 13:23        83120        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-02-18 21:16 . 2011-01-10 13:23        116568        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-02-18 21:16 . 2011-02-18 21:16        --------        d-----w-        c:\programdata\Avira
2011-02-18 20:18 . 2010-04-24 04:00        336896        ----a-w-        c:\windows\system32\CNMLMA0.DLL
2011-02-18 20:15 . 2009-10-10 03:17        14336        ----a-w-        c:\windows\system32\drivers\sffp_sd.sys
2011-02-18 20:15 . 2009-10-10 02:41        109056        ----a-w-        c:\windows\system32\drivers\sdbus.sys
2011-02-18 19:17 . 2011-02-18 19:21        42664        ----a-w-        c:\windows\SysWow64\drivers\fsbts.sys
2011-02-18 19:16 . 2011-02-18 19:15        573608        ----a-w-        c:\windows\SysWow64\msvcp50.dll
2011-02-18 19:15 . 2011-02-19 07:38        --------        d-----w-        c:\program files (x86)\F-Secure
2011-02-18 19:12 . 2011-02-18 19:15        --------        d-----w-        c:\programdata\fssg
2011-02-18 19:11 . 2011-02-18 19:16        --------        d-----w-        c:\programdata\f-secure
2011-02-17 09:46 . 2011-02-17 09:46        787456        ----a-w-        c:\windows\system32\NETw5c64.dll
2011-02-17 09:46 . 2011-02-17 09:46        6952960        ----a-w-        c:\windows\system32\drivers\NETw5s64.sys
2011-02-17 09:46 . 2011-02-17 09:46        2747904        ----a-w-        c:\windows\system32\NETw5r64.dll
2011-02-17 09:45 . 2011-02-17 09:45        592272        ----a-w-        c:\windows\system32\ipcoin80.dll
2011-02-17 09:36 . 2011-02-17 09:36        501536        ----a-w-        c:\windows\system32\yk62x64.dll
2011-02-17 09:36 . 2011-02-17 09:36        402720        ----a-w-        c:\windows\system32\drivers\yk62x64.sys
2011-02-17 09:35 . 2011-02-17 09:35        84512        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2011-02-17 09:35 . 2011-02-17 09:35        62976        ----a-w-        c:\windows\system32\nvapo64v.dll
2011-02-17 09:35 . 2011-02-17 09:35        541216        ----a-w-        c:\windows\system32\nvuhda6.exe
2011-02-17 09:35 . 2011-02-17 09:35        22528        ----a-w-        c:\windows\system32\nvhdap64.dll
2011-02-17 09:34 . 2011-02-17 09:34        36616        ----a-w-        c:\windows\system32\drivers\btcusb.sys
2011-02-17 09:34 . 2011-02-17 09:34        19464        ----a-w-        c:\windows\system32\btinstall.dll
2011-02-17 09:32 . 2011-02-17 09:32        132648        ----a-w-        c:\windows\system32\drivers\btwavdt.sys
2011-02-17 09:29 . 2011-02-17 09:29        --------        d-----w-        c:\programdata\Uniblue
2011-02-17 08:20 . 2011-02-28 17:30        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Uniblue
2011-02-17 08:20 . 2011-02-17 08:20        --------        d-----w-        c:\users\Nilgün\AppData\Local\PackageAware
2011-02-13 13:02 . 2011-02-13 13:02        50688        ----a-w-        c:\windows\system32\KCDSMSNO.DLL
2011-02-12 19:07 . 2011-02-12 19:07        --------        d-----w-        c:\program files (x86)\Common Files\PCSuite
2011-02-12 19:07 . 2011-02-12 19:07        --------        d-----w-        c:\program files (x86)\Common Files\Nokia
2011-02-12 19:06 . 2011-02-12 19:06        --------        d-----w-        c:\program files (x86)\PC Connectivity Solution
2011-02-12 18:06 . 2011-02-12 18:10        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Apple Computer
2011-02-12 18:06 . 2011-02-12 18:06        --------        d-----w-        c:\users\Nilgün\AppData\Local\Apple Computer
2011-02-12 18:05 . 2011-02-12 18:05        --------        d-----w-        c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-02-10 06:58 . 2010-12-18 06:17        696592        ----a-w-        c:\program files\Internet Explorer\iexplore.exe
2011-02-10 06:58 . 2010-12-18 06:11        1013248        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll
2011-02-10 06:58 . 2010-12-18 05:33        673040        ----a-w-        c:\program files (x86)\Internet Explorer\iexplore.exe
2011-02-10 06:58 . 2010-12-18 05:29        860160        ----a-w-        c:\program files (x86)\Internet Explorer\iedvtool.dll
2011-02-06 09:47 . 2011-02-06 09:47        --------        d-----w-        c:\users\Nilgün\Neuer Ordner

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-22 09:16 . 2009-12-22 10:14        3704088        ----a-w-        c:\windows\system32\AutoPartNt.exe
2011-02-17 09:35 . 2009-08-18 02:22        171520        ----a-w-        c:\windows\system32\nvcohda6.dll
2011-02-17 09:35 . 2009-08-17 17:24        541216        ----a-w-        c:\windows\system32\NVUNINST.EXE
2011-02-08 12:55 . 2009-12-17 19:38        16432        ----a-w-        c:\windows\system32\lsdelete.exe
2011-02-02 16:11 . 2009-12-17 15:14        270720        ------w-        c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51        51712        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys
2010-12-14 17:51 . 2010-12-14 17:51        4184352        ----a-w-        c:\windows\system32\usbaaplrc.dll
2010-12-12 19:59 . 2010-12-12 19:59        15256        ----a-w-        c:\users\Nilgün\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2010-12-12 19:59 . 2010-12-12 19:59        15256        ----a-w-        c:\users\Nilgün\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e7f88e02-0c78-48a1-86d2-82d8865de2df}"= "c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]
2010-10-18 10:26        3908192        ----a-w-        c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{e7f88e02-0c78-48a1-86d2-82d8865de2df}"= "c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2009-12-22 251336]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2010-07-23 2252800]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-12-21 1483264]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-08-28 5078416]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-07-16 411496]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-08-03 35104]
R3 JMCR_CFS;JMCR_CFS;c:\windows\system32\DRIVERS\jmcr_cfs.sys [2009-07-31 73128]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-05 5435904]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-17 110888]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-06 69152]
S0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\DRIVERS\oodisr.sys [2009-10-24 117328]
S0 oodisrh;oodisrh;c:\windows\system32\DRIVERS\oodisrh.sys [2009-10-24 40016]
S0 oodivd;O&O DiskImage Virtual Devices Driver;c:\windows\system32\DRIVERS\oodivd.sys [2009-10-24 210512]
S0 oodivdh;oodivdh;c:\windows\system32\DRIVERS\oodivdh.sys [2009-10-24 42576]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-09 834544]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2009-12-18 1455648]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2009-12-18 2326912]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-01 1405384]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-08-12 522240]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2009-12-18 240672]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2011-02-17 6952960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-02-17 84512]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [2009-05-28 33160]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-02-17 402720]

.
Inhalt des "geplante Tasks" Ordners

2011-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 09:06]

2011-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 09:06]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-28 2314120]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-29 16335904]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-08-28 357936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?searchsource=10&ctid=ct2476266
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Add animation to IncrediMail Style Box
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Nilgün\AppData\Roaming\Mozilla\Firefox\Profiles\yjism3e0.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Search
FF - prefs.js: browser.startup.homepage - hxxp://www.internetcologne.de/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Feedback: testpilot@labs.mozilla.com - %profile%\extensions\testpilot@labs.mozilla.com
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

Notify-VESWinlogon - VESWinlogon.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{E7F88E02-0C78-48A1-86D2-82D8865DE2DF} - (no file)
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-{C03434E6-C4D3-4045-95A1-31301675E404} - c:\windows\system32\unM9205.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Lavasoft Kernexplorer]
"ImagePath"="\??\c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\progra~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\IncrediMail\bin\IMApp.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-02  20:14:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-03-02 19:14

Vor Suchlauf: 13 Verzeichnis(se), 381.926.424.576 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 381.754.519.552 Bytes frei

- - End Of File - - 3F65FC94D762277AB768A13A925B0AE7
--- --- ---

cosinus 02.03.2011 20:49
Bitte nun Logs mit GMER und mbrcheck erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg

Anleitung zu mbrcheck:
Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:18 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131