Trojaner-Board


T.C 1 26.02.2011 13:26

Internet very slow, urgently need help

Hello,

I'm new here and urgently need your help. For about 7 days I have had a very poor internet connection (loading pages takes what feels like years). I ran AntiVir, Ad-Aware and Spybot without success or findings. I also ran Disk Cleanup, defragmentation and System Restore without success. I read about HijackThis here and downloaded it from Chip. Since I have no knowledge of such things (what a surprise ;) ) and read that important things can be changed with it, I only ran a scan. Sometimes everything works flawlessly, and after the next restart everything is slow again. I have the problem on the laptop; on the PC everything is fine. I also tried directly over LAN, with the same result. Even when used at friends' places (i.e. a different router and network) everything is slow. I have been googling for days and have also looked for help in other forums, without success. Setting up the complete system from scratch is the option I am trying to avoid (little knowledge, OEM version, etc.).

I urgently need your help so that I can work with the laptop again without frustration.

What can I do, how should I proceed?

Thank you in advance for your efforts and your patience.
Best regards, Ayhan

Can really :headbang: no one help me????? :headbang:

cosinus 28.02.2011 14:30

Please note => http://www.trojaner-board.de/95173-b...es-posten.html and http://www.trojaner-board.de/69886-a...-beachten.html

T.C 1 28.02.2011 15:05



Thanks for your post. How should I understand it? Did I overlook something?

cosinus 28.02.2011 17:02

Quote:

Thanks for your post. How should I understand it? Did I overlook something?
Can you read? Can you click on the links? :balla:

T.C 1 28.02.2011 18:24

Quote:

Quote from cosinus (post 625532)
Can you read? Can you click on the links? :balla:

If you want to help me, I am grateful to you; then please take the time and say (write) what you mean. I ran these programs, except for one that I did not understand. There were no results (none apparent to me).
Do you infer from my name that I cannot read??? Or is it your usual manner to be so condescending??
Thanks for your efforts.

Best regards
Ayhan

cosinus 28.02.2011 20:39

Quote:

then please take the time and say (write) what you mean
And you might want to take the time to read the linked notes.
What else is this supposed to turn into? Am I supposed to type out the whole lot again when everything important is already there?? :stirn:

T.C 1 01.03.2011 16:43

OTL Logfile:
Code:

OTL logfile created on: 01.03.2011 16:08:54 - Run 2
OTL by OldTimer - Version 3.2.22.1    Folder = C:\Users\????\Desktop\MFTools
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,83 Gb Total Space | 356,94 Gb Free Space | 78,48% Space Free | Partition Type: NTFS
 
Computer Name: NILGÜN-VAIO | User Name: ???? | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nilgün\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe (Lingoes Project)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\IncrediMail\bin\IMApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Nilgün\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Lingoes\Translator2\opentext2.dll ()
MOD - C:\Program Files (x86)\IncrediMail\bin\B4ImApp.dll (Babylon Ltd.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) -- C:\Windows\SysNative\drivers\tdrpm251.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (oodivdh) -- C:\Windows\SysNative\drivers\oodivdh.sys (O&O Software GmbH)
DRV:64bit: - (oodivd) -- C:\Windows\SysNative\drivers\oodivd.sys (O&O Software GmbH)
DRV:64bit: - (oodisrh) -- C:\Windows\SysNative\drivers\oodisrh.sys (O&O Software GmbH)
DRV:64bit: - (oodisr) -- C:\Windows\SysNative\drivers\oodisr.sys (O&O Software GmbH)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR_CFS) -- C:\Windows\SysNative\drivers\jmcr_cfs.sys (JMicron Technology Corporation)
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:64bit: - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:64bit: - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?searchsource=10&ctid=ct2476266
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\URLSearchHook: {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.internetcologne.de/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.6
FF - prefs.js..keyword.URL: "hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com [2010.06.29 09:19:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.02.12 20:07:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.23 08:41:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.23 08:41:48 | 000,000,000 | ---D | M]
 
[2009.12.17 20:14:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Extensions
[2011.02.28 14:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.02.23 08:41:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\DTToolbar@toolbarnet.com
[2011.02.23 08:41:46 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\personas@christopher.beard
[2011.02.26 20:26:21 | 000,000,000 | ---D | M] (Feedback) -- C:\Users\Nilgün\AppData\Roaming\mozilla\Firefox\Profiles\yjism3e0.default\extensions\testpilot@labs.mozilla.com
[2011.02.28 14:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.05.03 14:08:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.29 09:19:07 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\PROGRAM FILES (X86)\AUTOCOMPLETEPRO\SUPPORT@PREDICTAD.COM
[2011.02.12 20:07:04 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD
File not found (No name found) -- C:\USERS\NILGüN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJISM3E0.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM
[2010.05.03 14:08:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.25 16:09:29 | 000,430,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        123fporn.info
O1 - Hosts: 14806 more lines...
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Oryte Games 1.9 Toolbar) - {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Oryte Games 1.9 Toolbar) - {e7f88e02-0c78-48a1-86d2-82d8865de2df} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\..\Toolbar\WebBrowser: (Oryte Games 1.9 Toolbar) - {E7F88E02-0C78-48A1-86D2-82D8865DE2DF} - C:\Program Files (x86)\Oryte_Games_1.9\tbOry2.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [Lingoes] C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe (Lingoes Project)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-484552633-2301324986-2533605579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.173.194.76 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.27 19:12:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.02.27 19:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.02.27 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.02.27 19:03:02 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Desktop\MFTools
[2011.02.25 22:16:53 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\PCFix
[2011.02.24 11:30:28 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\Protector Suite
[2011.02.24 11:15:28 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2011.02.24 11:15:28 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2011.02.24 11:00:47 | 000,000,000 | ---D | C] -- C:\Click to Disc
[2011.02.24 10:27:44 | 000,000,000 | ---D | C] -- C:\Update
[2011.02.24 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Mozila Fav
[2011.02.23 10:03:13 | 000,000,000 | ---D | C] -- C:\Programme\OO Software
[2011.02.23 08:55:54 | 000,000,000 | ---D | C] -- C:\Programme\PC Beschleunigen
[2011.02.23 07:42:02 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 07:42:02 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 07:42:01 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 07:42:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.22 12:55:39 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\AppData\Roaming\Malwarebytes
[2011.02.22 12:52:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.22 12:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.22 12:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.22 12:52:25 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.22 12:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.22 10:49:46 | 000,000,000 | ---D | C] -- C:\Users\Nilgün\Prog
[2011.02.21 11:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.02.21 11:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.02.21 11:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.02.21 09:16:38 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\QuickScan
[2011.02.18 22:20:08 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Avira
[2011.02.18 22:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.18 22:16:27 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.18 22:16:27 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.18 22:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.18 21:18:12 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA0.DLL
[2011.02.18 21:15:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2011.02.18 20:16:47 | 000,573,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.02.18 20:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure
[2011.02.18 20:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2011.02.18 20:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2011.02.17 10:46:18 | 006,952,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys
[2011.02.17 10:46:18 | 002,747,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NETw5r64.dll
[2011.02.17 10:46:18 | 000,787,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NETw5c64.dll
[2011.02.17 10:45:05 | 000,592,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipcoin80.dll
[2011.02.17 10:36:11 | 000,501,536 | ---- | C] (Marvell) -- C:\Windows\SysNative\yk62x64.dll
[2011.02.17 10:36:11 | 000,402,720 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
[2011.02.17 10:35:15 | 000,541,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuhda6.exe
[2011.02.17 10:35:15 | 000,084,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.02.17 10:35:15 | 000,062,976 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011.02.17 10:35:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.02.17 10:34:20 | 000,036,616 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2011.02.17 10:34:20 | 000,019,464 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2011.02.17 10:32:33 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2011.02.17 10:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011.02.17 09:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.02.17 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Uniblue
[2011.02.17 09:20:11 | 000,000,000 | ---D | C] -- C:\Users\?????AppData\Local\PackageAware
[2011.02.12 20:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite
[2011.02.12 20:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2011.02.12 20:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011.02.12 20:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.02.12 19:06:11 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Roaming\Apple Computer
[2011.02.12 19:06:11 | 000,000,000 | ---D | C] -- C:\Users\????\AppData\Local\Apple Computer
[2011.02.12 19:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.10 07:58:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.10 07:58:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.10 07:57:59 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.10 07:57:59 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.10 07:57:59 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.10 07:57:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.10 07:57:59 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.10 07:57:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.10 07:57:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.10 07:57:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.10 07:57:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.10 07:57:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.10 07:57:51 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.10 07:57:51 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.10 07:57:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.10 07:57:49 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.10 07:57:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.10 07:57:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.10 07:57:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.10 07:57:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.10 07:57:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.10 07:57:46 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.10 07:57:46 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.10 07:57:42 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.10 07:57:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.10 07:57:42 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.10 07:57:39 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.10 07:57:39 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.10 07:57:38 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.10 07:57:38 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.10 07:57:37 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.10 07:57:37 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.10 07:57:37 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.10 07:57:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.06 10:47:20 | 000,000,000 | ---D | C] -- C:\Users\?????\Neuer Ordner
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.01 16:06:40 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.01 16:06:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011.03.01 16:06:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.01 16:06:00 | 3195,318,272 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.01 16:05:17 | 008,126,464 | ---- | M] () -- C:\Users????\ntuser.dat
[2011.03.01 16:05:09 | 006,240,578 | -H-- | M] () -- C:\Users\?????\AppData\Local\IconCache.db
[2011.03.01 15:31:03 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 15:31:03 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.01 15:30:40 | 001,512,234 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.01 15:30:40 | 000,659,310 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.01 15:30:40 | 000,620,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.01 15:30:40 | 000,131,890 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.01 15:30:40 | 000,108,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.01 15:28:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.27 22:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.27 22:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.27 22:03:36 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TM.blf
[2011.02.27 19:44:28 | 008,126,464 | ---- | M] () -- C:\Users\????\ntuser.bak
[2011.02.27 19:11:08 | 000,000,884 | ---- | M] () -- C:\Users\?????\Desktop\NTREGOPT.lnk
[2011.02.27 19:11:08 | 000,000,865 | ---- | M] () -- C:\Users\?????\Desktop\ERUNT.lnk
[2011.02.25 16:09:29 | 000,430,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.02.23 08:32:43 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.23 08:32:43 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.23 08:32:43 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TM.blf
[2011.02.22 13:21:29 | 000,015,292 | ---- | M] () -- C:\Users\Public\Documents\cc_20110222_132120.reg
[2011.02.22 12:52:29 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.22 10:17:52 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\AutoPartNt.let
[2011.02.22 10:16:34 | 003,704,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\AutoPartNt.exe
[2011.02.19 13:38:20 | 000,001,289 | ---- | M] () -- C:\Users\?????\Desktop\Acronis*True*Image*Home.lnk
[2011.02.18 20:21:45 | 000,042,664 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.18 20:16:51 | 001,549,124 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.18 20:15:34 | 000,573,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2011.02.17 22:06:09 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 22:06:09 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 22:06:09 | 000,065,536 | -HS- | M] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TM.blf
[2011.02.17 15:42:49 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 15:42:49 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 15:42:49 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TM.blf
[2011.02.17 13:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 13:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 13:19:14 | 000,065,536 | -HS- | M] () -- C:\Users\??????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TM.blf
[2011.02.17 10:46:18 | 006,952,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys
[2011.02.17 10:46:18 | 002,747,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\NETw5r64.dll
[2011.02.17 10:46:18 | 000,787,456 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\NETw5c64.dll
[2011.02.17 10:45:05 | 000,592,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ipcoin80.dll
[2011.02.17 10:36:11 | 000,501,536 | ---- | M] (Marvell) -- C:\Windows\SysNative\yk62x64.dll
[2011.02.17 10:36:11 | 000,402,720 | ---- | M] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
[2011.02.17 10:35:15 | 000,541,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2011.02.17 10:35:15 | 000,541,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuhda6.exe
[2011.02.17 10:35:15 | 000,171,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2011.02.17 10:35:15 | 000,084,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.02.17 10:35:15 | 000,062,976 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011.02.17 10:35:15 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.02.17 10:35:15 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\nvhda.nvu
[2011.02.17 10:34:20 | 000,036,616 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2011.02.17 10:34:20 | 000,019,464 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2011.02.17 10:32:33 | 000,132,648 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2011.02.17 09:33:51 | 000,524,288 | -HS- | M] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 09:33:51 | 000,524,288 | -HS- | M] () -- C:\Users\??????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 09:33:51 | 000,065,536 | -HS- | M] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TM.blf
[2011.02.13 14:02:23 | 000,050,688 | ---- | M] () -- C:\Windows\SysNative\KCDSMSNO.DLL
[2011.02.10 13:49:56 | 002,386,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.08 13:55:21 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
 
========== Files Created - No Company Name ==========
 
[2011.02.27 19:46:00 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.27 19:46:00 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.27 19:46:00 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{e730be36-429e-11e0-ab3b-0024be3e1a50}.TM.blf
[2011.02.27 19:11:08 | 000,000,884 | ---- | C] () -- C:\Users\?????\Desktop\NTREGOPT.lnk
[2011.02.27 19:11:08 | 000,000,865 | ---- | C] () -- C:\Users\?????\Desktop\ERUNT.lnk
[2011.02.24 11:43:12 | 000,002,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO-Support für Übertragungen.lnk
[2011.02.24 10:29:13 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011.02.23 08:46:56 | 006,240,578 | -H-- | C] () -- C:\Users\?????\AppData\Local\IconCache.db
[2011.02.23 08:25:33 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.23 08:25:33 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.23 08:25:33 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a9c8cb4-3f19-11e0-a7fa-0024be3e1a50}.TM.blf
[2011.02.22 13:21:26 | 000,015,292 | ---- | C] () -- C:\Users\Public\Documents\cc_20110222_132120.reg
[2011.02.22 12:52:29 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.19 13:38:20 | 000,001,289 | ---- | C] () -- C:\Users\?????\Desktop\Acronis*True*Image*Home.lnk
[2011.02.18 20:17:22 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.02.17 18:47:28 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 18:47:28 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 18:47:28 | 000,065,536 | -HS- | C] () -- C:\Users\??????\ntuser.dat{5a7bad10-3abc-11e0-9fde-00264370aba7}.TM.blf
[2011.02.17 15:37:49 | 000,524,288 | -HS- | C] () -- C:\Users\Nilgün\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 15:37:49 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 15:37:49 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a5d8b5eb-3aa0-11e0-9191-0024be3e1a50}.TM.blf
[2011.02.17 11:03:56 | 000,524,288 | -HS- | C] () -- C:\Users\??????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 11:03:56 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 11:03:56 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{a3571dff-3a79-11e0-8fbb-00264370aba7}.TM.blf
[2011.02.17 10:35:15 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\nvhda.nvu
[2011.02.17 09:05:44 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000002.regtrans-ms
[2011.02.17 09:05:44 | 000,524,288 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TMContainer00000000000000000001.regtrans-ms
[2011.02.17 09:05:44 | 000,065,536 | -HS- | C] () -- C:\Users\?????\ntuser.dat{6d71d8e4-3a6b-11e0-8b4d-00264370aba7}.TM.blf
[2011.02.13 14:02:23 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\KCDSMSNO.DLL
[2010.10.17 13:37:43 | 001,549,124 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.27 11:33:50 | 000,000,025 | ---- | C] () -- C:\Windows\CDEC66SeriesEuro.ini
[2010.07.11 08:06:25 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\unM9205.exe
[2010.07.11 08:06:25 | 000,021,201 | ---- | C] () -- C:\Windows\SysWow64\rm9205.exe
[2010.07.01 09:59:51 | 000,004,608 | ---- | C] () -- C:\Users\?????\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 10:31:29 | 000,000,495 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.03.08 21:34:17 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010.02.21 03:48:22 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.01.17 14:18:32 | 000,000,127 | ---- | C] () -- C:\Users\?????\AppData\Roaming\default.rss
[2010.01.17 14:16:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.17 13:34:13 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.01.14 10:01:21 | 000,000,017 | ---- | C] () -- C:\Users\?????\AppData\Local\resmon.resmoncfg
[2010.01.06 16:37:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Profiles
[2010.01.06 16:37:49 | 000,000,268 | RH-- | C] () -- C:\Users\?????\AppData\Roaming\Printer Icons
[2010.01.06 16:37:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.01.06 16:37:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Resources
[2009.12.25 10:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.16 18:38:33 | 000,123,440 | ---- | C] () -- C:\Users\?????\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.09.06 10:23:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.09.06 10:07:13 | 000,002,835 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009.07.14 03:34:57 | 000,000,510 | ---- | C] () -- C:\Windows\win.ini
[2009.07.14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 14:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 14:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2010.07.11 21:19:38 | 000,000,000 | -HSD | M] -- C:\Users\?????\AppData\Roaming\.#
[2011.01.07 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Acronis
[2009.12.16 19:31:04 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\BitDefender
[2010.06.16 07:52:00 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\Canon
[2010.02.25 19:48:14 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\DAEMON Tools Lite
[2010.02.09 20:20:48 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\DAEMON Tools Pro
[2010.07.11 08:27:49 | 000,000,000 | ---D | M] -- C:\Users?????\AppData\Roaming\DriverFinder
[2010.02.26 19:38:03 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Farm Mania
[2010.08.08 11:32:57 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Lingoes
[2010.01.06 16:54:10 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Nikon
[2010.06.01 11:54:08 | 000,000,000 | ---D | M] -- C:\Users?????\AppData\Roaming\Nokia
[2010.06.01 11:54:04 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\PC Suite
[2011.02.25 22:18:16 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\PCFix
[2011.02.24 11:30:28 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Protector Suite
[2011.02.21 09:17:07 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\QuickScan
[2010.03.27 17:18:53 | 000,000,000 | ---D | M] -- C:\Users\???????\AppData\Roaming\Spesoft Audio Converter
[2010.02.09 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\TuneUp Software
[2011.02.28 18:30:09 | 000,000,000 | ---D | M] -- C:\Users\??????\AppData\Roaming\Uniblue
[2011.02.23 08:41:45 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Win7codecs
[2010.02.26 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\?????\AppData\Roaming\Zylom
[2011.02.08 09:16:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:456A69E6

< End of report >

--- --- ---



I hope this helps.

cosinus 01.03.2011 20:50

Log files are missing. I'm not going to tell you again that you should read the instructions properly and follow them. :balla:

T.C 1 01.03.2011 21:22

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:15:35
mbam-log-2011-03-01 (21-15-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167718
Laufzeit: 3 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

T.C 1 01.03.2011 21:33

OTL Extras logfile created on: 01.03.2011 16:01:27 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\?????\Desktop\MFTools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
10,00 Gb Paging File | 8,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,83 Gb Total Space | 356,94 Gb Free Space | 78,48% Space Free | Partition Type: NTFS

Computer Name: NILGÜN-VAIO | User Name: ????? | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{3B4D3734-1C75-40bb-8C73-D6B00ECFF5C2}" = O&O DiskImage Express
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6)
"CCleaner" = CCleaner
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}" = Visual Studio C++ 9.0 Runtime
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0F55D046-3367-4C93-A419-4D17EFDC496C}" = Malen nach Zahlen 2
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15382D89-6EF6-4D21-9484-B500F2B10E46}" = PhotoMail Maker
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236135FC-78F2-44e7-883D-1D5671C8F4C7}" = JMicron JMB368 CF Host Controller Driver
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216017F0}" = Java(TM) 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3A1CF5-A2A0-4D80-8808-609C87FB33FE}_is1" = Bildschutz Pro 3.01
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings
"{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}" = MusicStation
"{52210D57-0B1F-4681-90DD-8659DF4BCC40}" = Moorhuhn Remake
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8466123B-2CBE-4809-8FAF-94D1F76BC4FE}" = AKVIS Chameleon
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{96b3347a-062c-4a89-85cd-32e7fd4ea3c3}" = Nero 9
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor



If that is what was meant, I suppose I have to apologize. I misunderstood it (no HijackThis log files are supposed to be posted; the others are apparently supposed to go in here).

Regards,
Ayhan

cosinus 01.03.2011 22:02

Quote:

Art des Suchlaufs: Quick-Scan
Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

T.C 1 02.03.2011 19:17

From just now, with a detection (already removed):
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5934

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

02.03.2011 18:59:54
mbam-log-2011-03-02 (18-59-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 433623
Laufzeit: 1 Stunde(n), 23 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\win7codecs\Tools\settings32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.


Older ones:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:15:35
mbam-log-2011-03-01 (21-15-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167718
Laufzeit: 3 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5919

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

01.03.2011 21:01:47
mbam-log-2011-03-01 (21-01-47).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167648
Laufzeit: 2 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5895

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.02.2011 19:54:06
mbam-log-2011-02-27 (19-54-06).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167423
Laufzeit: 3 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

I also have a HijackThis log file from when the Internet was (very rarely) working, and a log file with the current Internet problem. Would those perhaps help??
Thanks

cosinus 02.03.2011 19:45

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background guards, as well as your Internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

T.C 1 02.03.2011 20:20

ComboFix log file:
Code:

ComboFix 11-03-02.01 - Nilgün 02.03.2011  20:03:34.1.2 - x64
ausgeführt von:: c:\users\Nilgün\Desktop\cofi.exe
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\users\Nilgün\AppData\Roaming\.#
c:\windows\system32\twunk_32.exe
c:\windows\SysWow64\twunk_32.exe

.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-02 bis 2011-03-02  ))))))))))))))))))))))))))))))
.

2011-03-02 19:08 . 2011-03-02 19:08        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-03-01 14:18 . 2011-02-11 07:30        7947600        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE0F4345-DE18-45EE-9FD7-181ED0593EBD}\mpengine.dll
2011-02-27 18:11 . 2011-02-27 18:11        --------        d-----w-        c:\program files (x86)\ERUNT
2011-02-25 21:16 . 2011-02-25 21:18        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\PCFix
2011-02-24 10:30 . 2011-02-24 10:30        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Protector Suite
2011-02-24 10:15 . 2010-01-25 07:37        504832        ----a-w-        c:\windows\system32\imapi2.dll
2011-02-24 10:15 . 2010-01-25 07:11        392192        ----a-w-        c:\windows\SysWow64\imapi2.dll
2011-02-24 10:00 . 2011-02-24 10:00        --------        d-----w-        C:\Click to Disc
2011-02-24 09:27 . 2011-02-24 14:11        --------        d-----w-        C:\Update
2011-02-24 08:23 . 2011-02-24 09:29        --------        d-----w-        c:\users\Nilgün\Mozila Fav
2011-02-23 10:50 . 2010-09-14 06:45        367104        ----a-w-        c:\windows\system32\wcncsvc.dll
2011-02-23 10:50 . 2010-09-14 06:07        276992        ----a-w-        c:\windows\SysWow64\wcncsvc.dll
2011-02-23 09:03 . 2011-02-23 09:03        --------        d-----w-        c:\program files\OO Software
2011-02-23 07:55 . 2011-02-23 08:06        --------        d-----w-        c:\program files\PC Beschleunigen
2011-02-23 06:42 . 2011-01-07 08:07        662528        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-02-23 06:42 . 2011-01-07 07:31        442880        ----a-w-        c:\windows\SysWow64\XpsPrint.dll
2011-02-23 06:42 . 2011-01-07 08:07        475648        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-02-23 06:42 . 2011-01-07 07:31        288256        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 11:55 . 2011-02-22 11:55        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Malwarebytes
2011-02-22 11:52 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-22 11:52 . 2011-02-22 11:52        --------        d-----w-        c:\programdata\Malwarebytes
2011-02-22 11:52 . 2011-03-02 17:59        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-22 11:52 . 2010-12-20 17:08        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-02-22 09:49 . 2011-02-24 08:28        --------        d-----w-        c:\users\Nilgün\Prog
2011-02-21 10:41 . 2011-03-01 16:20        --------        d-----w-        c:\programdata\Spybot - Search & Destroy
2011-02-21 10:41 . 2011-02-23 07:41        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy
2011-02-21 08:16 . 2011-02-21 08:17        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\QuickScan
2011-02-18 21:20 . 2011-02-18 21:20        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Avira
2011-02-18 21:16 . 2011-01-10 13:23        83120        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-02-18 21:16 . 2011-01-10 13:23        116568        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-02-18 21:16 . 2011-02-18 21:16        --------        d-----w-        c:\programdata\Avira
2011-02-18 20:18 . 2010-04-24 04:00        336896        ----a-w-        c:\windows\system32\CNMLMA0.DLL
2011-02-18 20:15 . 2009-10-10 03:17        14336        ----a-w-        c:\windows\system32\drivers\sffp_sd.sys
2011-02-18 20:15 . 2009-10-10 02:41        109056        ----a-w-        c:\windows\system32\drivers\sdbus.sys
2011-02-18 19:17 . 2011-02-18 19:21        42664        ----a-w-        c:\windows\SysWow64\drivers\fsbts.sys
2011-02-18 19:16 . 2011-02-18 19:15        573608        ----a-w-        c:\windows\SysWow64\msvcp50.dll
2011-02-18 19:15 . 2011-02-19 07:38        --------        d-----w-        c:\program files (x86)\F-Secure
2011-02-18 19:12 . 2011-02-18 19:15        --------        d-----w-        c:\programdata\fssg
2011-02-18 19:11 . 2011-02-18 19:16        --------        d-----w-        c:\programdata\f-secure
2011-02-17 09:46 . 2011-02-17 09:46        787456        ----a-w-        c:\windows\system32\NETw5c64.dll
2011-02-17 09:46 . 2011-02-17 09:46        6952960        ----a-w-        c:\windows\system32\drivers\NETw5s64.sys
2011-02-17 09:46 . 2011-02-17 09:46        2747904        ----a-w-        c:\windows\system32\NETw5r64.dll
2011-02-17 09:45 . 2011-02-17 09:45        592272        ----a-w-        c:\windows\system32\ipcoin80.dll
2011-02-17 09:36 . 2011-02-17 09:36        501536        ----a-w-        c:\windows\system32\yk62x64.dll
2011-02-17 09:36 . 2011-02-17 09:36        402720        ----a-w-        c:\windows\system32\drivers\yk62x64.sys
2011-02-17 09:35 . 2011-02-17 09:35        84512        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2011-02-17 09:35 . 2011-02-17 09:35        62976        ----a-w-        c:\windows\system32\nvapo64v.dll
2011-02-17 09:35 . 2011-02-17 09:35        541216        ----a-w-        c:\windows\system32\nvuhda6.exe
2011-02-17 09:35 . 2011-02-17 09:35        22528        ----a-w-        c:\windows\system32\nvhdap64.dll
2011-02-17 09:34 . 2011-02-17 09:34        36616        ----a-w-        c:\windows\system32\drivers\btcusb.sys
2011-02-17 09:34 . 2011-02-17 09:34        19464        ----a-w-        c:\windows\system32\btinstall.dll
2011-02-17 09:32 . 2011-02-17 09:32        132648        ----a-w-        c:\windows\system32\drivers\btwavdt.sys
2011-02-17 09:29 . 2011-02-17 09:29        --------        d-----w-        c:\programdata\Uniblue
2011-02-17 08:20 . 2011-02-28 17:30        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Uniblue
2011-02-17 08:20 . 2011-02-17 08:20        --------        d-----w-        c:\users\Nilgün\AppData\Local\PackageAware
2011-02-13 13:02 . 2011-02-13 13:02        50688        ----a-w-        c:\windows\system32\KCDSMSNO.DLL
2011-02-12 19:07 . 2011-02-12 19:07        --------        d-----w-        c:\program files (x86)\Common Files\PCSuite
2011-02-12 19:07 . 2011-02-12 19:07        --------        d-----w-        c:\program files (x86)\Common Files\Nokia
2011-02-12 19:06 . 2011-02-12 19:06        --------        d-----w-        c:\program files (x86)\PC Connectivity Solution
2011-02-12 18:06 . 2011-02-12 18:10        --------        d-----w-        c:\users\Nilgün\AppData\Roaming\Apple Computer
2011-02-12 18:06 . 2011-02-12 18:06        --------        d-----w-        c:\users\Nilgün\AppData\Local\Apple Computer
2011-02-12 18:05 . 2011-02-12 18:05        --------        d-----w-        c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-02-10 06:58 . 2010-12-18 06:17        696592        ----a-w-        c:\program files\Internet Explorer\iexplore.exe
2011-02-10 06:58 . 2010-12-18 06:11        1013248        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll
2011-02-10 06:58 . 2010-12-18 05:33        673040        ----a-w-        c:\program files (x86)\Internet Explorer\iexplore.exe
2011-02-10 06:58 . 2010-12-18 05:29        860160        ----a-w-        c:\program files (x86)\Internet Explorer\iedvtool.dll
2011-02-06 09:47 . 2011-02-06 09:47        --------        d-----w-        c:\users\Nilgün\Neuer Ordner

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-22 09:16 . 2009-12-22 10:14        3704088        ----a-w-        c:\windows\system32\AutoPartNt.exe
2011-02-17 09:35 . 2009-08-18 02:22        171520        ----a-w-        c:\windows\system32\nvcohda6.dll
2011-02-17 09:35 . 2009-08-17 17:24        541216        ----a-w-        c:\windows\system32\NVUNINST.EXE
2011-02-08 12:55 . 2009-12-17 19:38        16432        ----a-w-        c:\windows\system32\lsdelete.exe
2011-02-02 16:11 . 2009-12-17 15:14        270720        ------w-        c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51        51712        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys
2010-12-14 17:51 . 2010-12-14 17:51        4184352        ----a-w-        c:\windows\system32\usbaaplrc.dll
2010-12-12 19:59 . 2010-12-12 19:59        15256        ----a-w-        c:\users\Nilgün\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2010-12-12 19:59 . 2010-12-12 19:59        15256        ----a-w-        c:\users\Nilgün\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e7f88e02-0c78-48a1-86d2-82d8865de2df}"= "c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]
2010-10-18 10:26        3908192        ----a-w-        c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{e7f88e02-0c78-48a1-86d2-82d8865de2df}"= "c:\program files (x86)\Oryte_Games_1.9\tbOry2.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{e7f88e02-0c78-48a1-86d2-82d8865de2df}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2009-12-22 251336]
"Lingoes"="c:\program files (x86)\Lingoes\Translator2\Lingoes.exe" [2010-07-23 2252800]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-12-21 1483264]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-08-28 5078416]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-07-16 411496]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-08-03 35104]
R3 JMCR_CFS;JMCR_CFS;c:\windows\system32\DRIVERS\jmcr_cfs.sys [2009-07-31 73128]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-05 5435904]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-17 110888]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-06 69152]
S0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\DRIVERS\oodisr.sys [2009-10-24 117328]
S0 oodisrh;oodisrh;c:\windows\system32\DRIVERS\oodisrh.sys [2009-10-24 40016]
S0 oodivd;O&O DiskImage Virtual Devices Driver;c:\windows\system32\DRIVERS\oodivd.sys [2009-10-24 210512]
S0 oodivdh;oodivdh;c:\windows\system32\DRIVERS\oodivdh.sys [2009-10-24 42576]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-09 834544]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2009-12-18 1455648]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2009-12-18 2326912]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-01 1405384]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-08-12 522240]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2009-12-18 240672]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2011-02-17 6952960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-02-17 84512]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [2009-05-28 33160]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-02-17 402720]

.
Inhalt des "geplante Tasks" Ordners

2011-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 09:06]

2011-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 09:06]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-28 2314120]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-29 16335904]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-08-28 357936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?searchsource=10&ctid=ct2476266
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Add animation to IncrediMail Style Box
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Nilgün\AppData\Roaming\Mozilla\Firefox\Profiles\yjism3e0.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Search
FF - prefs.js: browser.startup.homepage - hxxp://www.internetcologne.de/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Feedback: testpilot@labs.mozilla.com - %profile%\extensions\testpilot@labs.mozilla.com
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

Notify-VESWinlogon - VESWinlogon.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{E7F88E02-0C78-48A1-86D2-82D8865DE2DF} - (no file)
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-{C03434E6-C4D3-4045-95A1-31301675E404} - c:\windows\system32\unM9205.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Lavasoft Kernexplorer]
"ImagePath"="\??\c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\progra~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\IncrediMail\bin\IMApp.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-02  20:14:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-03-02 19:14

Vor Suchlauf: 13 Verzeichnis(se), 381.926.424.576 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 381.754.519.552 Bytes frei

- - End Of File - - 3F65FC94D762277AB768A13A925B0AE7

--- --- ---

cosinus 02.03.2011 20:49

Please now create logs with GMER and mbrcheck and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it.

Instructions for mbrcheck:
Download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool needs only a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

T.C 1 02.03.2011 21:13

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VGN-AW41JF_H
Logical Drives Mask: 0x000000bc

Kernel Drivers (total 173):

Processes (total 78):
0 System Idle Process
4 System
520 C:\Windows\System32\smss.exe
872 csrss.exe
936 C:\Windows\System32\wininit.exe
952 csrss.exe
984 C:\Windows\System32\services.exe
1008 C:\Windows\System32\lsass.exe
1016 C:\Windows\System32\lsm.exe
856 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\svchost.exe
1272 C:\Windows\System32\svchost.exe
1328 C:\Windows\System32\winlogon.exe
1416 C:\Windows\System32\svchost.exe
1440 C:\Windows\System32\svchost.exe
1620 C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
1776 C:\Windows\System32\spoolsv.exe
1808 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1832 C:\Windows\System32\svchost.exe
1932 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1988 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
1368 C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
1732 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1888 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
2040 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1532 C:\Windows\System32\svchost.exe
2092 C:\PROGRA~2\COMMON~1\McAfee\McProxy\McProxy.exe
2224 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
2348 C:\Windows\System32\taskhost.exe
2440 C:\Windows\System32\dwm.exe
2488 C:\Windows\explorer.exe
2496 C:\Windows\System32\svchost.exe
2720 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
2732 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2796 C:\Windows\System32\conhost.exe
3008 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
1584 C:\Windows\System32\taskeng.exe
2460 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
2584 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2780 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
2924 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2520 C:\Program Files (x86)\Lingoes\Translator2\Lingoes.exe
3064 C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
3132 C:\Program Files (x86)\IncrediMail\bin\IMApp.exe
3204 C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
3212 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3396 dllhost.exe
3404 C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
3520 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
3820 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
3848 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
3904 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
3928 C:\Windows\System32\svchost.exe
3996 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
4004 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
4084 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
3864 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
3856 unsecapp.exe
4192 WmiPrvSE.exe
4324 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
5064 C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
4388 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
4420 C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
4540 C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
4576 C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
4772 C:\Windows\System32\SearchIndexer.exe
2148 WUDFHost.exe
3244 C:\Program Files\Windows Media Player\wmpnetwk.exe
5740 C:\Windows\System32\svchost.exe
1696 C:\Windows\System32\svchost.exe
5420 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
3828 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
3032 C:\Windows\System32\audiodg.exe
2536 C:\Users\Nilgün\Desktop\MBRCheck.exe
3264 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`bbd00000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK5055GSX, Rev: FG001A

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

cosinus 02.03.2011 21:27

The MBR is OK. Is GMER still running?

T.C 1 03.03.2011 16:06

GMER Logfile:
Code:

GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-03-03 16:03:44
Windows 6.1.7600 
Running: ll8itibt.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00214fbccff2                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0024337517dd                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264370aba7                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264370aba7@0022659515b1                            0x5E 0xC2 0xE3 0x0A ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x12 0x1C 0x05 0x32 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0xC5 0x05 0xC6 0xED ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0xFE 0xA6 0xED 0xF7 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00214fbccff2 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0024337517dd (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264370aba7 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264370aba7@0022659515b1                                0x5E 0xC2 0xE3 0x0A ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x12 0x1C 0x05 0x32 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0xC5 0x05 0xC6 0xED ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xFE 0xA6 0xED 0xF7 ...

---- EOF - GMER 1.0.15 ----

--- --- ---

cosinus 03.03.2011 16:09

Looks OK, but why the same log 7 times? :wtf:
Any remaining problems or other findings?

T.C 1 03.03.2011 16:16

Sorry, no idea how I posted it seven times. The problem in question is still there. Hoping for a solution without having to wipe C.

cosinus 04.03.2011 12:31

Have you already reset the router, or unplugged it from power and plugged it back in?
Are there other computers on your network, and is the internet connection just as slow on them?

T.C 1 04.03.2011 15:34

Router and modem have already been disconnected from power several times. I have one computer on which everything is OK. With the laptop I have the problem in other networks too (at friends' places etc.).

cosinus 04.03.2011 21:15

I would first try to find out whether this only happens under Windows or with other operating systems too.
Download something like Knoppix or Ubuntu, burn the ISO file to a CD using the burn-image function, and boot the computer from it.
Then test the Internet connection thoroughly under Linux and report whether the connection there is at normal speed or slow as well.

T.C 1 04.03.2011 21:37

I have just started Ubuntu and am now online via Firefox. Compared to the state with the problem it is a different world. It used to be just like it is now.

cosinus 04.03.2011 21:54

See whether you can change anything under Windows with this tool => http://www.chip.de/downloads/SG-TCP-..._31296373.html
Drag the upper slider all the way to the right and apply the settings. Then restart the computer and test the Internet again.

T.C 1 04.03.2011 22:08

Done. No change.:killpc::killpc::killpc::killpc::killpc:

cosinus 04.03.2011 22:11

Hmm... :dummguck:
What was installed or changed on the system BEFORE this started?
Have you tried reinstalling the network card driver yet?

T.C 1 04.03.2011 22:24

The last thing I did before the problem was to unlock a friend's iPhone on the laptop and install this iTunes (but it was uninstalled the next day). How and where can I update the network card driver?

cosinus 04.03.2011 22:26

Quote:

The last thing I did before the problem was to unlock a friend's iPhone on the laptop and install this iTunes

Please describe that in more detail. Did you download and run any program for it?

T.C 1 05.03.2011 15:45

Yes, as I said, to unlock the phone in question you have to download the program iTunes from Apple and install it. I think C is going to have to bite the dust:eek::eek::confused::confused:

T.C 1 07.03.2011 18:44

Does anyone have another idea :glaskugel or do I have to wipe the thing tomorrow???:heulen:

cosinus 07.03.2011 19:03

I don't really have an idea. Have you tried uninstalling iTunes? :dummguck:

T.C 1 07.03.2011 19:12

I uninstalled it the same day. Tomorrow morning I will reset to factory settings:aufsmaul: I'll report back once everything has gone well.
Thanks for your effort and tips.

cosinus 07.03.2011 19:30

If it still hasn't helped, first try this command: Start, Run, type this in and run it with OK:

Code:

netsh winsock reset

With admin rights, of course. Restart the computer and test the connection again.

T.C 1 07.03.2011 19:53

Again no change. Many thanks.

cosinus 07.03.2011 20:35

Sorry, you have Win7 :o

1. Right-click a free area on the desktop and choose "New, Create shortcut"
2. Type cmd.exe as the target and confirm with OK; a new shortcut to the console should now be on the desktop
3. If so, right-click this new shortcut => Run as administrator => confirm the security prompt if necessary => a black command prompt opens
4. Type there: netsh winsock reset catalog and confirm with Enter.
5. Type one more command => netsh int ip reset reset.log (Enter)
6. Restart the computer
7. Let me know whether :) or :killpc:

T.C 1 08.03.2011 07:42

When I click right-click > New > Shortcut on the desktop, nothing appears where I can type something as the target:confused::confused:

T.C 1 08.03.2011 08:00

I found cmd.exe via search and created a shortcut on the desktop. Did everything as described and restarted. Unfortunately again without success.

cosinus 08.03.2011 09:57

Are you connected to the router via WLAN or network cable? Is that a Sony VAIO?
Try downloading and installing new drivers from the manufacturer's site. Maybe the new driver or the fresh driver installation will bring the breakthrough.

T.C 1 10.03.2011 10:12

I wiped C and reinstalled. Everything is OK again.
The only problem is that I can't find the installation CD for some programs. I had cloned my disk to an external hard drive with True Image. Can individual programs actually be reinstalled from this clone?
As I said, I'm missing a few CDs with serial numbers etc. I could then fall back on the installed ones. If that is possible, of course.
Thanks for your support

cosinus 10.03.2011 13:01

Which programs exactly are we talking about?
You can of course fish individual files and folders out of the image, but they won't help you, because you need the setups to install these programs.

