| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: WoW Account gehackt, habe ich einen Trojaner?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.07.2011, 22:49
| #1 |
| |  WoW Account gehackt, habe ich einen Trojaner? Hallo, gestern wurde mein WoW Account gehackt, da ich schon lange nicht mehr Spiele ist es mir nur durch einen Zufall aufgefallen und zwar das ich eine Email bekam das mein kostenpflichtiger Charaktertransfer abgeschlossen sei.. ich war natürlich verwundert habe mich sofort im Account eingeloggt und alle Passwörter geändert auch die von meinen Email Postfächern und sofort mit Blizzard Kontakt aufgenommen und alles geklärt.. ging alles reibungslos da ich es so "schnell" gemerkt habe. Naja jetzt habe ich meine Virenprogramme gelöscht und mir erstmal Trend Micro Titanium gekauft und noch ein paar ander Programme durchlaufen lassen, wie hier im Forum beschrieben (zB ein paar Online Scanner, die alle nichts gefunden haben) und gerade läuft noch Malewarebytes Anti-Maleware durch. Meine Frage ist jetzt, habe ich einen Trojaner? Oder wie kommen die an meine Accountdaten? Und vorallem wie merke ich ob ich einen Trojaner habe und ob der noch aktiv ist? Ich weiß nicht genau wie ich jetzt vorgehen soll und wäre über Hilfe sehr dankbar! Gruß, Timo **EDIT** Ich habe wie hier im Forum beschrieben auch Secunia PSI installiert und alles geupdatet und SUPERAntiSpyware läuft jetzt auch. Hier noch der log von MBAM: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Datenbank Version: 7322 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 30.07.2011 00:37:25 mbam-log-2011-07-30 (00-37-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Durchsuchte Objekte: 610327 Laufzeit: 1 Stunde(n), 39 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Users\Timo\AppData\Roaming\updater\Defender.exe (Trojan.MSIL.ND3) -> No action taken. Geändert von MucK2011 (29.07.2011 um 23:49 Uhr) |
|
30.07.2011, 09:04
| #2 | ||
| /// Helfer-Team    | WoW Account gehackt, habe ich einen Trojaner? Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
2. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool Ccleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
kira
__________________ |
|
30.07.2011, 12:02
| #3 |
| | WoW Account gehackt, habe ich einen Trojaner? 1.
__________________Systemscan mit OTL - OTL.txt Code:
ATTFilter OTL logfile created on: 30.07.2011 12:41:50 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = F:\Downloads\Antivirus Programme 2011\Anti Trojaner Board 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,17 Gb Available Physical Memory | 77,09% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 107,87 Gb Total Space | 35,97 Gb Free Space | 33,35% Space Free | Partition Type: NTFS Drive D: | 488,29 Gb Total Space | 236,93 Gb Free Space | 48,52% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 189,75 Gb Free Space | 20,37% Space Free | Partition Type: NTFS Computer Name: MUCK | User Name: Timo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - F:\Downloads\Antivirus Programme 2011\Anti Trojaner Board\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\PnkBstrB.exe () PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe (Sphinx Software) PRC - C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe (Sphinx Software) PRC - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) PRC - C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) PRC - C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) PRC - C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corporation) PRC - C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe () PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe () PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe () ========== Modules (SafeList) ========== MOD - F:\Downloads\Antivirus Programme 2011\Anti Trojaner Board\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe () SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Windows7FirewallService) -- C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe (Sphinx Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (NILM License Manager) -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation) SRV - (NIDomainService) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) SRV - (lkClassAds) -- C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) SRV - (lkTimeSync) -- C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (niSvcLoc) -- C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corporation) SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe () SRV - (LkCitadelServer) -- C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) ========== Driver Services (SafeList) ========== DRV:64bit: - (tmwfp) -- C:\Windows\SysNative\drivers\tmwfp.sys (Trend Micro Inc.) DRV:64bit: - (tmlwf) -- C:\Windows\SysNative\drivers\tmlwf.sys (Trend Micro Inc.) DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.) DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.) DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.) DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\drivers\mv61xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (PCWinSoft) -- C:\Windows\SysNative\drivers\scrcamhrdrv_x64.sys (Windows (R) Server 2003 DDK provider) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia) DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia) DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (SPC530) -- C:\Windows\SysNative\drivers\SPC530.sys ( ) DRV:64bit: - (SPC530m) -- C:\Windows\SysNative\drivers\SPC530m.sys ( ) DRV:64bit: - (phaudlwr) -- C:\Windows\SysNative\drivers\phaudlwr.sys (Philips Applied Technologies) DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 F1 D2 9A 56 4E CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "youtube.com" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: de-CH@dictionaries.addons.mozilla.org:2.0.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2 FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.26 FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4 FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Timo\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Timo\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Timo\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011.07.28 16:22:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\firefoxextension\ [2011.07.28 20:52:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.30 01:00:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.30 01:00:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.30 01:00:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.30 01:00:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.07.30 01:00:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.07.30 01:00:46 | 000,000,000 | ---D | M] [2011.03.10 16:08:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Extensions [2011.03.10 16:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.07.29 23:16:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\nqukr3fb.default\extensions [2011.07.16 13:36:33 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\nqukr3fb.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011.03.12 21:02:56 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\nqukr3fb.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef} [2011.06.22 19:06:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\nqukr3fb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.11.17 22:48:09 | 000,000,000 | ---D | M] (German Dictionary (Switzerland)) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\nqukr3fb.default\extensions\de-CH@dictionaries.addons.mozilla.org [2011.03.10 16:08:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\y5yo03qj.default\extensions [2011.03.29 12:07:42 | 000,000,822 | ---- | M] () -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\nqukr3fb.default\searchplugins\icqplugin.xml [2011.07.30 00:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.12.23 14:00:15 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.07.30 00:58:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011.07.28 16:22:01 | 000,000,000 | ---D | M] (Trend Micro Toolbar) -- C:\PROGRAM FILES\TREND MICRO\TITANIUM\UIFRAMEWORK\TOOLBAR\FIREFOXEXTENSION () (No name found) -- C:\USERS\TIMO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NQUKR3FB.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\USERS\TIMO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NQUKR3FB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\TIMO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NQUKR3FB.DEFAULT\EXTENSIONS\EXTENSION@CIUVO.COM.XPI () (No name found) -- C:\USERS\TIMO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NQUKR3FB.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI () (No name found) -- C:\USERS\TIMO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NQUKR3FB.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2011.06.26 17:02:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2009.10.19 19:59:44 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll [2011.07.30 00:58:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2008.12.10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2009.10.07 17:11:28 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll [2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.07.28 18:53:06 | 000,433,611 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 14914 more lines... O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found. O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Programme\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Programme\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Windows7FirewallControl] C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe (Sphinx Software) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Programme\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Programme\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9d2146a0-d1ec-11de-8c08-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{9d2146a0-d1ec-11de-8c08-00ff01000001}\Shell\AutoRun\command - "" = N:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.30 01:07:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.07.30 01:02:37 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\SUPERAntiSpyware.com [2011.07.30 01:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.07.30 01:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.07.30 01:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE [2011.07.30 01:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.07.30 01:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.07.30 01:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.07.30 00:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.07.30 00:58:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.30 00:58:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.30 00:58:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.30 00:45:53 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Secunia PSI [2011.07.30 00:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2011.07.29 22:40:51 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Malwarebytes [2011.07.29 22:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.29 22:40:42 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.29 20:30:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.07.28 22:42:24 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\TVgenial [2011.07.28 22:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TVgenial [2011.07.28 22:42:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TVgenial [2011.07.28 22:42:02 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\updater [2011.07.28 17:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.07.28 16:32:11 | 000,339,536 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys [2011.07.28 16:32:11 | 000,194,640 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys [2011.07.28 16:23:04 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security [2011.07.28 16:22:34 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys [2011.07.28 16:22:29 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys [2011.07.28 16:22:29 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys [2011.07.28 16:22:29 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys [2011.07.28 16:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro [2011.07.28 16:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011.07.28 15:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler [2011.07.28 13:54:28 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Anti-Malware [2011.07.27 19:55:59 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\CyberLink [2011.07.27 12:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2011.07.27 12:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011.07.27 12:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2011.07.27 12:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2011.07.27 12:43:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.07.27 12:43:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2011.07.27 12:43:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2011.07.27 12:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011.07.27 12:42:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2011.07.27 12:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2011.07.27 12:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2011.07.27 12:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011.07.27 12:41:59 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011.07.26 22:59:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\TuneUp Software [2011.07.26 22:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011 [2011.07.26 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Anno 1404 [2011.07.26 21:04:31 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\ANNO 1404 Venedig [2011.07.18 17:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.07.18 17:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011.07.18 17:21:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2011.07.15 20:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011.07.15 20:10:26 | 006,300,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2011.07.15 20:10:26 | 003,040,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2011.07.15 20:10:26 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011.07.15 20:10:26 | 000,739,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011.07.15 20:10:26 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2011.07.15 20:10:26 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2011.07.15 20:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011.07.15 20:09:59 | 022,286,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011.07.15 20:09:59 | 018,583,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011.07.15 20:09:59 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011.07.15 20:09:59 | 015,223,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011.07.15 20:09:59 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011.07.15 20:09:59 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011.07.15 20:09:59 | 008,863,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011.07.15 20:09:59 | 007,123,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011.07.15 20:09:59 | 006,555,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2011.07.15 20:09:59 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011.07.15 20:09:59 | 002,943,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011.07.15 20:09:59 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011.07.15 20:09:59 | 002,644,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011.07.15 20:09:59 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011.07.15 20:09:59 | 002,212,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011.07.15 20:09:59 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011.07.15 20:09:59 | 001,496,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420150.dll [2011.07.15 20:09:59 | 001,427,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642090.dll [2011.07.15 20:09:59 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.07.15 20:09:59 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.07.15 20:09:59 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2011.07.15 20:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011.07.14 22:53:33 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Funcom [2011.07.13 11:29:05 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011.07.13 11:29:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011.07.13 11:29:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011.07.13 11:29:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011.07.13 11:29:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 11:29:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011.07.13 11:29:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011.07.13 11:28:58 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011.07.13 11:28:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011.07.13 11:28:58 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011.07.13 11:28:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011.07.13 11:28:58 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.07.13 11:28:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011.07.13 11:28:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011.07.13 11:28:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011.07.13 11:28:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011.07.13 11:28:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011.07.13 11:28:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011.07.13 11:28:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011.07.07 17:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VHPD [2011.07.07 17:34:17 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Shutdown Manager [2011.07.06 15:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional [2011.07.03 21:38:19 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Bewerbungen [2011.07.03 21:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock [2011.07.03 21:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock [2011.07.02 00:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari [2011.07.01 22:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Left 4 Dead 2 [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.07.30 12:43:36 | 001,567,132 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.07.30 12:43:36 | 000,679,318 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.07.30 12:43:36 | 000,638,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.07.30 12:43:36 | 000,139,326 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.07.30 12:43:36 | 000,114,812 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.07.30 12:42:38 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.30 12:42:38 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.30 12:37:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.30 12:37:30 | 2146,738,175 | -HS- | M] () -- C:\hiberfil.sys [2011.07.30 00:58:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.07.30 00:58:37 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.30 00:58:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.30 00:58:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.29 20:30:50 | 000,403,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.07.28 18:53:06 | 000,433,611 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011.07.28 17:39:48 | 000,436,383 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak [2011.07.28 17:38:01 | 000,436,383 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110728-173948.backup [2011.07.28 16:19:11 | 000,339,536 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys [2011.07.28 16:19:11 | 000,194,640 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys [2011.07.28 16:19:11 | 000,144,464 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys [2011.07.28 16:19:11 | 000,105,552 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys [2011.07.28 16:19:11 | 000,090,704 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys [2011.07.28 16:19:11 | 000,067,664 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys [2011.07.27 21:00:49 | 005,029,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.07.26 23:12:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2011.07.15 17:11:06 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.07.15 17:01:14 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.07.15 17:01:12 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.07.15 17:01:10 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011.07.15 17:01:04 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.07.15 15:35:04 | 000,000,529 | ---- | M] () -- C:\Windows\eReg.dat [2011.07.12 20:37:42 | 000,042,287 | ---- | M] () -- C:\Users\Timo\Documents\schufa-auskunft.pdf [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.07.26 22:59:47 | 000,002,201 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011.07.18 17:23:32 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk [2011.07.18 17:21:51 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2011.07.18 17:21:30 | 000,001,262 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011.07.18 17:19:40 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011.07.18 17:19:33 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011.07.18 17:19:08 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011.07.15 20:09:59 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011.07.15 15:35:04 | 000,000,529 | ---- | C] () -- C:\Windows\eReg.dat [2011.07.12 20:37:42 | 000,042,287 | ---- | C] () -- C:\Users\Timo\Documents\schufa-auskunft.pdf [2011.06.20 10:39:49 | 000,000,092 | ---- | C] () -- C:\Users\Timo\AppData\Local\fusioncache.dat [2011.06.19 21:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011.06.19 21:15:04 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.03.16 20:42:04 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe [2011.03.13 14:34:24 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.03.13 14:33:47 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.02.18 22:36:45 | 000,079,108 | ---- | C] () -- C:\ProgramData\bdinstall.bin [2011.02.13 14:51:35 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2011.02.13 14:51:35 | 000,014,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2011.02.13 14:51:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2011.02.13 14:51:33 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2010.10.12 19:30:59 | 000,064,971 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\Timo3SQLite3.dll [2010.07.11 23:35:16 | 000,000,001 | ---- | C] () -- C:\Users\Timo\AppData\Local\ddinstall.bin [2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010.06.30 01:05:16 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.06.01 18:00:33 | 000,007,601 | ---- | C] () -- C:\Users\Timo\AppData\Local\resmon.resmoncfg [2010.05.29 13:25:13 | 000,019,456 | ---- | C] () -- C:\Users\Timo\AppData\Local\WebpageIcons.db [2010.05.23 20:04:14 | 000,008,192 | ---- | C] () -- C:\Users\Timo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.18 01:47:52 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.05.08 21:11:02 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2010.05.08 17:25:45 | 000,000,190 | ---- | C] () -- C:\Windows\IfoEdit.INI [2010.03.15 17:38:16 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.03.11 16:34:06 | 000,000,025 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\bdfvconp.ini [2010.03.10 22:37:05 | 000,070,740 | ---- | C] () -- C:\Windows\War3Unin.dat [2010.02.18 00:12:07 | 000,001,873 | ---- | C] () -- C:\Windows\RBSystem.ini [2010.02.18 00:12:05 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat [2010.02.18 00:12:03 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll [2010.02.18 00:12:03 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll [2010.02.18 00:10:38 | 000,000,793 | ---- | C] () -- C:\Windows\ESIDATA.ini [2010.02.17 23:19:29 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe [2010.02.17 23:05:14 | 000,000,064 | ---- | C] () -- C:\Windows\sysdat.dll [2009.12.07 17:33:02 | 000,000,382 | ---- | C] () -- C:\ProgramData\Setting.dat [2009.12.07 17:33:02 | 000,000,022 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\UserFlag.ini [2009.12.07 12:04:21 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys [2009.11.24 23:32:18 | 001,561,898 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.11.13 19:33:43 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2009.11.13 19:19:53 | 000,626,688 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll [2009.10.25 20:24:44 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2009.10.17 16:05:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.10.16 13:35:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.05.29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.05.29 15:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2005.05.29 03:45:43 | 000,647,168 | ---- | C] () -- C:\Windows\SysWow64\pqdvdb.dll [2005.04.08 04:16:43 | 000,038,228 | -H-- | C] () -- C:\Users\Timo\AppData\Roaming\Timolog.dat ========== Files - Unicode (All) ========== [2011.02.24 14:59:19 | 000,000,000 | ---- | M] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污 [2011.02.24 14:58:18 | 000,000,000 | ---- | C] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污 ========== Alternate Data Streams ========== @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:820563D3 < End of report > |
|
30.07.2011, 12:03
| #4 |
| | WoW Account gehackt, habe ich einen Trojaner? 1. Systemscan mit OTL - Extras.txt Code:
ATTFilter OTL Extras logfile created on: 30.07.2011 12:41:50 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = F:\Downloads\Antivirus Programme 2011\Anti Trojaner Board
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,17 Gb Available Physical Memory | 77,09% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,87 Gb Total Space | 35,97 Gb Free Space | 33,35% Space Free | Partition Type: NTFS
Drive D: | 488,29 Gb Total Space | 236,93 Gb Free Space | 48,52% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 189,75 Gb Free Space | 20,37% Space Free | Partition Type: NTFS
Computer Name: MUCK | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65CBBF0F-F891-4F33-860C-C75E963653A2}" = NI TDMS (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{79E44BF5-C355-4A5D-8F9F-25F53ACF794E}" = NI VC2008MSMs x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Maximum Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CA7DAF6F-D5F4-46FD-A824-7E0B472C3211}" = NI USI 1.7.0 64-Bit
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0F9AD6F-2C2A-44A8-8961-F21B5356E050}" = NI Logos64 XT Support
"{D8C0E5E1-3B66-465D-8F9B-F591F5CDA726}" = NI Trace Engine (64-bit)
"{E68686D1-A5BB-467A-8DE7-A01166722607}" = NI VC2005MSMs x64
"{EC90795D-968C-4BCA-B958-27B111F3B3F6}" = NI Logos64 5.1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"B31F51CEC37CADDD795736ABBB212C18FD2969A3" = Windows-Treiberpaket - Philips CL (phaudlwr) MEDIA (05/07/2008 1.0.5.12)
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"ESL Wire_is1" = ESL Wire 1.9.6
"F83654168F2669A249A823C6255ACB1405E1E04E" = Windows-Treiberpaket - Philips (SPC530) Image (05/21/2008 1.01.3.6650)
"FA64675F2B582DB559A1BE34C9F1F0208D44A7FE" = Windows-Treiberpaket - Philips USB (05/21/2008 1.01.3.6650)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05046BCC-5E64-4A85-8615-D84DE4C1D865}" = NI VC2005MSMs x86
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07A99739-82EE-4537-AF2E-1607015D9992}" = NI Service Locator
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.5 Build #5242 Banner Remover 1.1
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DFF0C5C-D82D-4C11-91AB-86411792D081}" = NI Uninstaller
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A7B6479-D7F4-49A4-A51C-43ECF3991AD8}_is1" = Driver Genius Professional 10.0.0.761
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1B06E3AF-1CE2-4085-AE4E-DFEC369E86D3}" = NI Logos XT Support
"{1DAFF305-A88A-40AC-A882-EB2C6F53AF94}" = League of Legends
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBC283A-8B22-48FA-9DFA-6C65E34455FA}" = NI LabVIEW Real-Time NBFifo
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236A25E1-0A48-49F6-A4D9-A21D128C4F81}" = Dyyno Browser Plugins
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}" = Gothic III - Götterdämmerung Patch
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E8ECB58-EE3A-452C-B57E-1B982735F0F2}" = Duden Korrektor PLUS
"{307776AF-FA52-4CBA-84DA-190E52929C35}" = NI Update Service Extras 1.0
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{37BB98BD-C6BD-4F1E-ADC6-3BAAC6CA6EAF}_is1" = Crysis 2
"{383AD0A2-FD79-4CF0-B823-C695E32BD08D}" = NI LabVIEW Run-Time Engine Web Services
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3CD5832D-13D9-4751-8B22-3A7D3F4ACA42}" = Quake Live Mozilla Plugin
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DAA4182-08B7-45D9-8620-6B0E13018670}" = NI TDMS
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 3.0.0.140
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{57B77060-04B4-468E-89A9-F68EEE466F57}" = NI USI 1.7.0
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5A70FCD2-C019-4723-868F-07CD6C7755FF}" = NI Logos 5.1
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0 Core
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7239A06F-235B-43B1-970D-7A411FD95683}" = Nokia Software Updater
"{732A67B6-2581-4434-AE64-9A34CCF943D1}" = Jagd Simulator 2011
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7ACFB216-29F7-4331-A5ED-2563AEB51F21}" = NI Trace Engine
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B8CE908-BF69-4E20-9BFE-681C573879F1}" = NI LabVIEW Run-Time Engine 2009
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84FAE06F-A199-4991-8526-AF57A2A0D779}" = NI Circuit Design Suite 11.0 Pro
"{85DD724B-15E5-4572-81BF-CF9031D83848}" = Ventrilo Server
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8F148D1E-6B2D-4934-A7D9-248EA5AB51B1}_is1" = Hunted™ - The Demon's Forge
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{94FA9FA6-5294-494D-A8F1-1E654CBB5736}" = Epson Easy Photo Print 2
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{97AAF472-E437-4C89-AAB3-FD6785315069}" = NI Circuit Design Suite 11.0 Pro Licenses
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = Mythos
"{a6c33c02-25c4-43d0-a7d5-cffd9f623cc7}" = Nero 9
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AFEDF70D-8DC3-40CB-93A0-F276E64BDF9C}" = NI VC2008MSMs x86
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BBA6DF34-EA20-4FFB-8440-1F9657643F79}" = NI MDF Support
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C0F89603-69E7-4408-8D9C-35256481D785}" = Philips SPC530NC Webcam
"{C5773953-8F33-47BD-85D7-BE719021EB3E}" = NI Update Service 1.0
"{C9894B05-06D2-4F85-86C8-6B0D011A6BA5}" = NI License Manager
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D0A858BE-A665-4C0D-BC5F-C37E534B7669}" = PC Connectivity Solution
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D76162F1-AFAC-47BE-9302-5F35491725E1}" = NI LabVIEW Run-Time Engine Interop 2009
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB639F99-ED74-49D4-8FFD-5B8C34C00D64}" = AutoSketch Release 9
"{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}" = i@Sky Weather Information Centre
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E37CCD6C-56C1-43C7-B2FA-24A32B6B09F7}" = NI Example Finder 9.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6F385C0-79A1-44F0-9C15-70D1F2C74D01}" = NI EULA Depot
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F208D986-7DBA-47A1-B2B6-29048C1C3087}" = NI MetaSuite Installer
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.03.00.8048
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Age of Conan_is1" = Age of Conan: Hyborian Adventures
"Biet-O-Matic v2.12.5" = Biet-O-Matic v2.12.5
"Bosch Viewer" = Bosch Viewer
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup.divx.com" = DivX-Setup
"Dungeons and Dragons Daggerdale_is1" = Dungeons and Dragons Daggerdale
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"EPSON Scanner" = EPSON Scan
"ESI[tronic]" = ESI[tronic]
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FileZilla Client" = FileZilla Client 3.3.5.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.3.8c
"hon" = Heroes of Newerth
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"JDownloader" = JDownloader
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Mozilla Thunderbird (5.0)" = Mozilla Thunderbird (5.0)
"NI Uninstaller" = Software von National Instruments
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"SmartToolsFalz & Lochmarken-Assistentv6.00" = SmartTools Publishing • Word Falz & Lochmarken-Assistent
"StarCraft II" = StarCraft II
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 13140" = America's Army 3
"Steam App 36620" = Forsaken World
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Tunngle beta_is1" = Tunngle beta
"TVgenial" = TVgenial 4.10
"VentriloMIX" = VentriloMIX
"VLC media player" = VLC media player 1.0.3
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"Windows7FirewallControl_is1" = Windows7FirewallControl (i386) 4.0.144.38
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"BrainGame" = Dr Kawashima
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"Smart Shutdown Manager" = Smart Shutdown Manager
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31.03.2011 11:25:08 | Computer Name = MucK | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 31.03.2011 11:26:22 | Computer Name = MucK | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 31.03.2011 11:27:54 | Computer Name = MucK | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 31.03.2011 11:27:54 | Computer Name = MucK | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 31.03.2011 16:28:10 | Computer Name = MucK | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 12.0.4518.1014 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 9fc Startzeit: 01cbefe21f33c9b8 Endzeit: 20 Anwendungspfad:
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE Berichts-ID: 631b8c2c-5bd5-11e0-b658-00ff01000001
Error - 01.04.2011 09:25:08 | Computer Name = MucK | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 01.04.2011 09:26:07 | Computer Name = MucK | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 01.04.2011 09:26:44 | Computer Name = MucK | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\smarttools\word falz & lochmarken-assistent\adxloader.dll.Manifest". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\smarttools\word falz
& lochmarken-assistent\adxloader.dll.Manifest" in Zeile 2. Das Stammelement der
Manifestdatei muss assembliert sein.
Error - 01.04.2011 09:27:51 | Computer Name = MucK | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 01.04.2011 09:27:51 | Computer Name = MucK | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
30.07.2011, 12:10
| #5 |
| | WoW Account gehackt, habe ich einen Trojaner? 2. Installierte Programme Code:
ATTFilter Adobe AIR Adobe Systems Inc. 30.01.2010 1.5.3.9120
Adobe Community Help Adobe Systems Incorporated 17.07.2011 3.0.0.400
Adobe Dreamweaver CS4 Adobe Systems Incorporated 03.12.2009 441MB 10.0
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 16.12.2010 6,00MB 10.1.102.64
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 28.07.2011 6,00MB 11.0.1.60
Adobe Media Player Adobe Systems Incorporated 17.07.2011 1.8
Adobe Photoshop CS5 Adobe Systems Incorporated 17.07.2011 1.727MB 12.0
Adobe Reader 9.4.5 - Deutsch Adobe Systems Incorporated 25.06.2011 204MB 9.4.5
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 29.07.2011 11.6.0.626
Age of Conan: Hyborian Adventures Funcom 13.07.2011
Alliance of Valiant Arms 27.06.2011
America's Army 3 U.S. Army 25.07.2011
ANNO 1404 Ubisoft 25.07.2011 1.02.0000
ANNO 1404 - Venedig Ubisoft 25.07.2011 2.0.5008.0
Autodesk Material Library 2011 Autodesk 14.09.2010 181,4MB 2.0.0.49
Autodesk Material Library 2011 Base Image library Autodesk 14.09.2010 255MB 2.0.0.49
Autodesk Material Library 2011 Medium Image library Autodesk 14.09.2010 750MB 2.0.0.49
AutoSketch Release 9 Autodesk 26.08.2010 156,2MB 9.0.0.88
Battlefield: Bad Company™ 2 Electronic Arts 14.03.2010 5.869MB 1.0.0.0
Biet-O-Matic v2.12.5 BOM Development Team 24.10.2009 Biet-O-Matic v2.12.5
CCleaner Piriform 29.07.2011 3.09
Curse Client Curse 23.11.2010 4.0.1.104
CyberLink PowerDVD 10 CyberLink Corp. 10.05.2010 216MB 10.0.1601
Die Sims™ 3 Electronic Arts 19.11.2009 1.6.6
Die Sims™ 3 Reiseabenteuer Electronic Arts 19.11.2009 2.0.86
DivX-Setup DivX, Inc. 09.07.2010 1.0.2.23
Dr Kawashima 02.03.2010 1.0
Duden Korrektor PLUS Bibliographisches Institut GmbH 16.09.2010 821MB 7.00.0000
Dungeons and Dragons Daggerdale 01.07.2011 3.286MB
DVD Shrink 3.2 deutsch (DeCSS-frei) DVD Shrink 07.05.2010
Dyyno Browser Plugins Dyyno, Inc. 28.10.2009 0,24MB 3.0.0.0
Epson Easy Photo Print 2 SEIKO EPSON CORPORATION 11.02.2011 2.2.3.1
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) SEIKO EPSON CORPORATION 11.02.2011 1.00.0000
EPSON Scan 05.02.2011
EPSON-Drucker-Software SEIKO EPSON Corporation 05.02.2011
EPU-6 Engine 12.02.2011 1.01.10
ESL Wire 1.9.6 Turtle Entertainment GmbH 02.04.2011 62,0MB
EVEREST Ultimate Edition v5.30 Lavalys, Inc. 17.11.2009 5.30
Fable III Microsoft Game Studios 22.05.2011 1.0.0000.131
FARO LS 1.1.406.58 FARO Scanner Production 14.09.2010 21,5MB 4.6.58.2
FileZilla Client 3.3.5.1 13.01.2011 3.3.5.1
Forsaken World
Free YouTube to MP3 Converter version 3.8 DVDVideoSoft Limited. 18.10.2010 32,1MB
Futuremark SystemInfo Futuremark Corporation 17.10.2009 3.16.2.1
Grand Theft Auto IV Rockstar Games 23.05.2011 1.00.0000
Heroes of Newerth S2 Games 16.05.2010 0.9.0
HI-TECH C51-lite V9.60PL0 HI-TECH Software 09.02.2011 9.60
HI-TECH PICC lite V9.60PL0 HI-TECH Software 09.02.2011 9.60
HijackThis 2.0.2 TrendMicro 06.12.2009 2.0.2
HLSW v1.3.3.8c Timo Stripf 23.12.2010 47,0MB
Host OpenAL (ADI) 15.10.2009
Hunted™ - The Demon's Forge Bethesda Softworks 01.07.2011
i@Sky Weather Information Centre iatsky 12.07.2010 4,20MB 1.0.3
ICQ 7.5 Build #5242 Banner Remover 1.1 murb.com 11.06.2011 2,44MB
ICQ7.5 ICQ 11.06.2011 7.5
Jagd Simulator 2011 27.04.2011
James Cameron's AVATAR(tm): DAS SPIEL Ubisoft 15.02.2010 1.02.00
Java(TM) 6 Update 26 Oracle 29.07.2011 97,1MB 6.0.260
JDownloader AppWork UG (haftungsbeschränkt) 14.12.2010
Left 4 Dead 2 Valve 05.07.2011
LightScribe System Software 1.14.17.1 LightScribe 15.10.2009 21,0MB 1.14.17.1
Marvell Miniport Driver Marvell 05.07.2011 11.43.1.3
Microsoft .NET Framework 1.1 19.06.2011
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.06.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.06.2010 2,94MB 4.0.30319
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 22.05.2011 31,3MB 3.5.88.0
Microsoft Games for Windows Marketplace Microsoft Corporation 22.05.2011 6,04MB 3.5.50.0
Microsoft Office Professional Plus 2010 Microsoft Corporation 26.07.2011 14.0.6029.1000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 08.03.2010 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.11.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 14.06.2011 0,29MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 08.03.2010 0,68MB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 12.04.2011 0,57MB 8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 24.11.2009 0,21MB 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 24.11.2009 0,20MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 12.04.2011 0,77MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 12.04.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 29.10.2009 0,77MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 14.09.2010 0,76MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 14.06.2011 0,77MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 05.05.2010 7,21MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 01.07.2011 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 15.10.2009 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 24.03.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 14.06.2011 0,59MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 02.07.2011 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 22.05.2011 11,0MB 10.0.30319
Microsoft WSE 3.0 Runtime Microsoft Corp. 28.10.2009 0,92MB 3.0.5305.0
Move Media Player Move Networks 13.04.2010
Mozilla Firefox 5.0 (x86 de) Mozilla 25.06.2011 34,5MB 5.0
Mozilla Thunderbird (5.0) Mozilla 09.07.2011 5.0 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 16.10.2009 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 24.11.2009 1,33MB 4.20.9876.0
Mythos Frogster Online Gaming GmbH 21.06.2011 1.562MB 2.0.17.5991
Need For Speed™ World Electronic Arts 11.01.2011 1.0.0.199
Nero 9 Nero AG 15.10.2009
Nokia Connectivity Cable Driver Nokia 30.09.2010 3,70MB 7.1.31.0
Nokia Software Updater Nokia Corporation 01.10.2010 44,4MB 02.06.001.43673
NVIDIA Grafiktreiber 275.33 NVIDIA Corporation 14.07.2011 275.33
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 14.07.2011 9.10.0514
Octoshape add-in for Adobe Flash Player 22.12.2010
Octoshape Streaming Services 21.02.2010
Pando Media Booster Pando Networks Inc. 18.06.2011 5,47MB 2.3.5.4
PC Connectivity Solution Nokia 01.10.2010 19,6MB 10.35.0.0
Philips SPC530NC Webcam Philips 23.10.2010 1.00.000
PowerISO PowerISO Computing, Inc. 10.05.2010 4.7
PunkBuster Services Even Balance, Inc. 18.06.2011 0.986
Quake Live Mozilla Plugin id Software 25.01.2011 2,94MB 1.0.401
QuickTime Apple Inc. 29.07.2011 73,7MB 7.69.80.9
RocketDock 1.3.5 Punk Software 02.07.2011
Rosetta Stone Version 3 Rosetta Stone Ltd. 18.05.2010 120,4MB 3.4.5.0
Skype Toolbars Skype Technologies S.A. 22.12.2010 7,08MB 5.0.4137
Skype™ 5.0 Skype Technologies S.A. 22.12.2010 21,4MB 5.0.156
Smart Shutdown Manager 06.07.2011
SmartTools Publishing • Word Falz & Lochmarken-Assistent SmartTools Publishing 30.03.2011 v6.00
Software von National Instruments National Instruments 09.02.2011
SoundMAX Analog Devices 15.10.2009 6.10.2.6585
StarCraft II Blizzard Entertainment 27.07.2011 1.3.5.19132
Steam Valve Corporation 20.06.2011 35,5MB 1.0.0.0
SUPER © Version 2009.bld.36 (June 10, 2009) eRightSoft 12.11.2009 Version 2009.bld.36 (June 10, 2009)
SUPERAntiSpyware SUPERAntiSpyware.com 29.07.2011 62,3MB 4.56.1000
Team Fortress 2 Valve 27.06.2011
TeamSpeak 2 RC2 Dominating Bytes Design 15.10.2009 2.0.32.60
TeamSpeak 3 Client TeamSpeak Systems GmbH 01.12.2010
The Lord of the Rings Online™ v03.03.00.8048 Turbine, Inc. 19.06.2011 03.03.00.8048
The Witcher 2 CD Projekt Red 20.05.2011 1.00.0000
Tom Clancy's Rainbow Six Vegas 2 Ubisoft 18.06.2011 1.03
Trend Micro Titanium Maximum Security Trend Micro Inc. 27.07.2011 210MB 3.1.1109
TuneUp Utilities 2011 TuneUp Software 25.07.2011 10.0.4310.8
Tunngle beta Tunngle.net GmbH 18.06.2011
TVgenial 4.10 27.07.2011
Ubisoft Game Launcher UBISOFT 04.04.2010 1.0.0.0
Vegas Movie Studio HD Platinum 10.0 Sony 11.09.2010 282MB 10.0.179
Ventrilo Client for Windows x64 Flagship Industries, Inc. 07.05.2010 5,09MB 3.0.5.0
Ventrilo Server Flagship Industries, Inc. 24.04.2010 0,42MB 2.3.1
VentriloMIX 24.04.2010
VLC media player 1.0.3 VideoLAN Team 20.01.2010 1.0.3
VSO Image Resizer 3.0.0.140 VSO-Software 06.12.2009 3.0.0.140
Warcraft III 09.03.2010
Warcraft III: All Products 09.03.2010
Win7codecs Shark007 22.05.2010 66,8MB 2.5.1
Winamp Nullsoft, Inc 29.08.2010 5.581
Winamp Erkennungs-Plug-in Nullsoft, Inc 29.08.2010 75,00KB 1.0.0.1
Windows Live Essentials Microsoft Corporation 23.11.2009 14.0.8089.0726
Windows Live ID Sign-in Assistant Microsoft Corporation 15.11.2010 10,0MB 6.500.3165.0
Windows Live-Uploadtool Microsoft Corporation 23.11.2009 0,22MB 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 06.06.2010 0,29MB 1.0.0.8
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Nokia 30.09.2010 08/22/2008 7.0.0.0
Windows-Treiberpaket - Philips (SPC530) Image (05/21/2008 1.01.3.6650) Philips 23.10.2010 05/21/2008 1.01.3.6650
Windows-Treiberpaket - Philips CL (phaudlwr) MEDIA (05/07/2008 1.0.5.12) Philips CL 06.07.2010 05/07/2008 1.0.5.12
Windows-Treiberpaket - Philips USB (05/21/2008 1.01.3.6650) Philips 06.07.2010 05/21/2008 1.01.3.6650
Windows7FirewallControl (i386) 4.0.144.38 Sphinx Software 22.02.2011 4.0.144.38
World of Warcraft Blizzard Entertainment 30.06.2011 4.2.0.14333
Xfire (remove only) 22.05.2010
Zattoo4 4.0.5 Zattoo Inc. 28.05.2010 4.0.5
|
|
30.07.2011, 22:32
| #6 |
| /// Helfer-Team | WoW Account gehackt, habe ich einen Trojaner? 1. Fixen mit OTL
Code:
ATTFilter :OTL
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9d2146a0-d1ec-11de-8c08-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{9d2146a0-d1ec-11de-8c08-00ff01000001}\Shell\AutoRun\command - "" = N:\autorun.exe
[2011.07.28 15:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:820563D3
:Commands
[purity]
[emptytemp]
2. reinige dein System mit Ccleaner:
3. - "Link:-> ESET Online Scanner >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung -> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch - folgendes bitte anhaken > "Remove found threads" und "Scan archives" - die Scanergebnis als *.txt Dateien speichern) - meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt" Vor dem Scan Einstellungen im Internet Explorer: - "Extras→ Internetoptionen→ Sicherheit": - alles auf Standardstufe stellen - Active X erlauben - um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen 4. erneut einen Scan mit OTL:
__________________ --> WoW Account gehackt, habe ich einen Trojaner? |
|
| Themen zu WoW Account gehackt, habe ich einen Trojaner? |
| aktiv, daten, email, forum, frage, gehackt, gekauft, gelöscht, geändert, micro, nicht mehr, nichts, online, passwörter, postfächern, programme, scan, scanner, schnell, secunia psi, spiele, trend, trojan.msil.nd3, trojaner, trojaner?, wow account |
.
Linear-Darstellung
