| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: ich habe den ICQ-VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.06.2010, 17:43
| #1 |
| |  ich habe den ICQ-Virus Hallo, ich hab mir den Icq-virus eingefangen & ich weiß nicht wie ich ihn wieder losbekomme. kann mir jemand helfen? mfg julia |
|
10.06.2010, 21:20
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | ich habe den ICQ-Virus Hallo und
__________________ bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
11.06.2010, 14:43
| #3 |
| | ich habe den ICQ-Virus OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 11.06.2010 15:30:35 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Julia\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 5,62 Gb Free Space | 8,05% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 51,12 Gb Free Space | 73,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JULIA-HOME
Current User Name: Julia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0 -- ()
"InternetSettingsDisableNotify" = 0 -- ()
"AutoUpdateDisableNotify" = 0 -- ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0 -- ()
"AntiSpywareOverride" = 0 -- ()
"FirewallOverride" = 0 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0602F28C-F203-4194-8BFB-C1AE0A8B4D44}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{07D93EF9-FA1D-48F3-A662-D0C551EC01E2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BC3D5C4-80B3-47D3-B8E6-13A1B29BBEB2}" = rport=139 | protocol=6 | dir=out | app=system |
"{176354AC-0591-4F4F-AE39-315E7A038287}" = lport=138 | protocol=17 | dir=in | app=system |
"{289B1FEB-9E48-41D0-B740-DD5F8247A4D7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A636677-52A0-4F90-8FA2-6E1832520A4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2F63B287-54A0-4B31-BC13-D488F91D804B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36B1BBBC-3FA4-4C8E-B453-6B5B0493CE4E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4B4BB51D-A51A-4DEB-9FF4-CAABCE8BCA6B}" = lport=137 | protocol=17 | dir=in | app=system |
"{4EA19635-5532-4776-A66D-59C38DA86AAF}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E780EA6-DC3D-4A8D-B7BE-16C2121BDAA8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{70A53153-0644-485C-AA75-3DB0CBC16EB2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7ACFF061-624A-4D99-9065-AB536965329D}" = lport=445 | protocol=6 | dir=in | app=system |
"{839F8DB1-DBB9-4EEB-90AC-B0590CF13463}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{887BA9DF-E115-4E8F-9C6F-ADB255415AE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F37165A-369E-45D8-8320-0389766D896B}" = lport=139 | protocol=6 | dir=in | app=system |
"{926B7149-BDC8-4192-A8F6-6C38903CE067}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2AB894F-2AE3-42A2-B88C-B206764CF702}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF83B286-97E6-417F-BC63-79763941FEEC}" = rport=137 | protocol=17 | dir=out | app=system |
"{C1C03671-8749-4691-9636-0DB1D245670F}" = rport=138 | protocol=17 | dir=out | app=system |
"{D4A9BEC3-E7E0-464F-9817-3C10272DA5A1}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00CF1D9C-62C9-4272-97A8-B22D7B90EC7F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{01A91341-1583-4993-999E-AA187F019139}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E7404BC-82D3-44BA-97D0-C2C4F802073E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1886FEA2-D083-4853-B24A-BDFEDC4551BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20A87C19-4C7D-45EC-AA1D-A4BCACAFCBC5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{260B5341-1830-4B87-9ACD-4B40D6A75231}" = protocol=6 | dir=out | app=system |
"{26122130-B5C0-440D-A7C7-F064D0C3FDAB}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{2BBBBA9E-A6EA-4028-8CDC-D8149F617319}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{2CF660F9-043D-4D44-AAA9-CC8BFFA73B08}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{2FE687CD-69B4-4000-9C49-A375970046B5}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{374A9A80-8424-4E97-BA38-80B8485E4FA0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{47B60C99-CD57-4D15-B032-32C2DEB185B2}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{4A063829-9864-4250-90FB-D03B196307D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{56C75B83-630D-4A34-B229-C5A031B34093}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E48BCEF-0A7C-4EAC-8F9D-8FFC7B2E8C9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{78738716-5FEE-4276-A892-53117EBE7A9F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{87BFA719-F2D7-43B6-BF2A-159AF1CF7283}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8A8FFA2B-2378-4B33-B107-74CFCECECE02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8E7A26BC-4E72-453F-A543-9AAFEC11D844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95A42002-EC4B-4023-A653-D32B5A0831FF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{975AFC61-FE68-4CF6-A65A-564A9F5D9D35}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9ABF3027-2CFA-4824-8121-28DDCF0AF8CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9F8F4367-ED82-4C10-8E18-329FFEA0EDBA}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{A0E0D9ED-FDDA-449E-87CA-C4864C343C4F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A81052FD-C9EE-4479-9457-4A27CF3C731F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9A89D73-24CF-459E-8FC6-A7DEABB9B5D5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{AC1C30D1-9E32-418A-9020-946BEAE24E4B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C953C160-D1E1-40F6-9B5F-63F435EDF951}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{C9A6E4AE-1C25-469A-883C-F31DAAA87F27}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D3B8284D-42DF-4B36-969D-54DF81218438}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D974DD32-2CFE-4153-AB63-A79ECD2BCDAE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{E0E15590-6A38-461F-BA54-930C47CD9B0C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E13DAC76-9080-488E-B14A-A09E8C7C96A0}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{E1CD9F7E-D5A5-4655-BB03-4FA1D04048A0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2061A89-8B2B-4C34-A0F5-85D6D996A2B4}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{E76074DF-3EC7-4C1A-B3F6-FA04A497620D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F56A074B-A43B-4EAA-A4E1-28CD8197A223}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{FB05615A-3F6C-48B2-912A-FECB096B4D62}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{FC35AC74-8D24-478F-A74F-18AFA8C771BB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{5E470293-36AE-4C98-9BA9-348E2942B63C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{93E2721A-B0D3-4B28-9E6B-81D56BE98BD2}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{A66E222B-C5CF-4B44-AB87-8573773D3E66}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{AF8E29D3-A82F-4467-B046-05CD4A05E1EB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{93280175-E90C-41A0-A33B-EE3E1ED85C08}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{A418CA4F-3206-4F66-8B08-A09545AF5CCE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{B6A2D2C2-B5B5-4519-B537-97E147B1BF70}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{BD64CF19-2498-429B-B560-4B05D9ECFC48}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06EA4395-0EB6-4CEB-88D3-4AA320F8F6EA}" = Zlango Pic-Talk Setup
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08021248-88B6-E67B-CFD0-7B2C690CF37F}" = Catalyst Control Center Localization Russian
"{0ABBC013-7CF3-FEAE-8851-A4A290DC3D93}" = Catalyst Control Center Localization Norwegian
"{0E290898-A92A-682B-84BC-791E4B51D39E}" = Catalyst Control Center Localization Finnish
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{196654EB-009F-6E50-7BAB-CE60C89AE403}" = ccc-core-static
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Device Driver
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A5050FE-B629-D35A-38F3-89B353477674}" = Catalyst Control Center Localization Spanish
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32D4851C-399A-4C02-A961-6A56178004B9}" = Hama Webcam Suite
"{34ED728D-ECE5-4A0D-9963-B54B318D0932}" = ccc-Branding
"{3838E2BF-91E8-730A-9C1C-4D73A9A08A91}" = Catalyst Control Center Graphics Light
"{3DB8A7B1-2EEB-56AF-A877-5742D2B18BEC}" = Catalyst Control Center Localization Dutch
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{429CEC54-6DE7-C63D-EB89-518AAB6F0E35}" = Catalyst Control Center Localization Korean
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D4C8490-9048-4E2C-AF1B-3866D6BC9EC8}" = WEB.DE Firefox Paket
"{4E55CE14-FC19-0D1F-E603-9CB92DBD9E7E}" = Catalyst Control Center Localization Italian
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5204EE13-A206-ED46-8AD6-5102491DE3B6}" = Catalyst Control Center Localization Portuguese
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54ADF8E0-E14A-6C4E-9D60-51637D6576BE}" = Catalyst Control Center Localization Czech
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Foto 2006 Standard Edition Editor
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62355C0D-A1AC-0C50-582A-83F08692D1A4}" = Catalyst Control Center Localization Danish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Foto 2006 Standard Edition Bibliothek
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A904BEA-D1B5-3077-E82D-239262DCE266}" = Catalyst Control Center Localization Thai
"{6CF2361C-E085-E644-9503-D2755C98D1B7}" = Catalyst Control Center Localization German
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A2E65F0-FCD3-50F7-CD3A-D17E01D9B22D}" = Catalyst Control Center Localization Japanese
"{7CD88B0E-CC14-20C4-AAD7-310883457848}" = ccc-utility
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{802E72D3-BAD8-44A6-B51C-7E911144A870}" = Hama WEBCAM E110
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8DAE66B9-3D2C-870A-AC1F-D98D56B2E48D}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90F1DDBF-0C56-44B0-A920-72CC90C51565}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B850277-4198-1D44-B7BD-CA8D4DCEE620}" = Catalyst Control Center Localization Polish
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{9FDBB8DB-753F-6482-DB5E-2B7DA5577053}" = Catalyst Control Center Localization Chinese Traditional
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEA296D6-0F45-5B8E-FA16-6D553D5E6149}" = Catalyst Control Center Core Implementation
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BFC7B8B9-37A3-F118-8929-8D6C0E52E9B2}" = Catalyst Control Center Localization Hungarian
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C28512D7-66A1-2EF6-94F3-6A458BD76419}" = Catalyst Control Center Localization Greek
"{C99B5FE7-A85C-77A6-64BD-644358B01A45}" = Catalyst Control Center Localization Turkish
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE28E6F5-4A03-4DED-B954-D0779B47FFBF}" = Works Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE992AB2-28A0-4A92-01B8-970606F7B2A4}" = Catalyst Control Center Localization French
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D8FC2439-A2CA-6EEC-523D-8470C7967533}" = Catalyst Control Center Localization Swedish
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}" = SweetIM for Messenger 2.7
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1249136-F629-460E-FC20-F5D4E3F7C180}" = ATI Catalyst Install Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.03
"ATI Uninstaller" = ATI Uninstaller
"Auto Movie Creator_is1" = Auto Movie Creator 3.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"cFosSpeed" = cFosSpeed v5.00
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQToolbar" = ICQ Toolbar
"ICQ-Tools_is1" = mehr ICQ Statussymbole
"Image Analyzer" = Image Analyzer
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"LManager" = Launch Manager
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PictureItPrem_v11" = Microsoft Foto 2006 Standard Edition
"PROR" = Microsoft Office Professional 2007-Testversion
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"WEB.DE Firefox Browser Update" = WEB.DE Firefox Browser Update
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Works2006Setup" = Setup-Start von Microsoft Works Suite 2006
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.06.2010 13:07:13 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 10.06.2010 13:07:14 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 10.06.2010 13:50:05 | Computer Name = Julia-Home | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description =
Error - 10.06.2010 14:03:37 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 10.06.2010 14:12:35 | Computer Name = Julia-Home | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a
Error - 10.06.2010 14:21:30 | Computer Name = Julia-Home | Source = Web.de Update Service (AdminSVC) | ID = 100
Description = SetServiceStatus() failed error: '13' Modul: adminsvcff For more information,
see Help and Support Service at hxxp://www.web.de
Error - 10.06.2010 15:13:22 | Computer Name = Julia-Home | Source = Web.de Update Service (AdminSVC) | ID = 100
Description = SetServiceStatus() failed error: '13' Modul: adminsvcff For more information,
see Help and Support Service at hxxp://www.web.de
Error - 11.06.2010 03:23:54 | Computer Name = Julia-Home | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a
Error - 11.06.2010 06:07:42 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 11.06.2010 06:07:43 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
[ Media Center Events ]
Error - 18.04.2008 13:01:28 | Computer Name = Julia-Home | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.
[ System Events ]
Error - 10.06.2010 14:11:58 | Computer Name = JULIA-HOME | Source = WinDefend | ID = 2004
Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt.
Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte
Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine
Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen.
Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen
Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie
unter "Hilfe und Support". Ladende Signaturen: %%825 Ladene Signaturversion: 1.83.1268.0
Ladende
Modulversion: 1.1.5802.0
Error - 10.06.2010 14:12:43 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7000
Description =
Error - 10.06.2010 14:21:27 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description =
Error - 10.06.2010 14:21:29 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description =
Error - 10.06.2010 14:21:31 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7016
Description =
Error - 10.06.2010 15:13:20 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description =
Error - 10.06.2010 15:13:21 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description =
Error - 10.06.2010 15:13:22 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7016
Description =
Error - 10.06.2010 16:52:22 | Computer Name = Julia-Home | Source = DCOM | ID = 10010
Description =
Error - 11.06.2010 03:24:02 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7000
Description =
[ TuneUp Events ]
Error - 31.05.2010 03:31:25 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 01.06.2010 10:01:34 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 02.06.2010 10:19:29 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 08.06.2010 09:44:35 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 09.06.2010 14:07:54 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 09.06.2010 15:10:22 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 10.06.2010 03:55:48 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 10.06.2010 12:08:42 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 10.06.2010 12:47:40 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
Error - 10.06.2010 14:12:44 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
< End of report >
|
|
11.06.2010, 14:52
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ich habe den ICQ-Virus Was ist mit Malwarebytes?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.06.2010, 15:24
| #5 |
| | ich habe den ICQ-Virus was meinst du?' |
|
11.06.2010, 15:25
| #6 |
| | ich habe den ICQ-Virus OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.06.2010 15:30:35 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Julia\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,77 Gb Total Space | 5,62 Gb Free Space | 8,05% Space Free | Partition Type: NTFS Drive D: | 69,52 Gb Total Space | 51,12 Gb Free Space | 73,54% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JULIA-HOME Current User Name: Julia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Julia\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH) PRC - C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH) PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe () PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer) PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Acer\ALaunch\ALaunchSvc.exe () PRC - C:\Acer\Mobility Center\MobilityService.exe () PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\ProgramData\Web.de Firefox\adminsvcff.exe (hablamax) ========== Modules (SafeList) ========== MOD - C:\Users\Julia\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\eNetHook.dll (acer) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (LiveUpdate Notice Ex) -- File not found SRV - (CLTNetCnService) -- File not found SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (cFosSpeedS) -- C:\Program Files\cFosSpeed\spd.exe (cFos Software GmbH) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation) SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation) SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe () SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer) SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.) SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.) SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (ALaunchService) -- C:\Acer\ALaunch\ALaunchSvc.exe () SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (AdminSVCff) -- C:\ProgramData\Web.de Firefox\adminsvcff.exe (hablamax) ========== Driver Services (SafeList) ========== DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (cFosSpeed) -- C:\Windows\System32\drivers\cfosspeed.sys (cFos Software GmbH) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST) DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST) DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST) DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.) DRV - (ESMCR) -- C:\Windows\System32\drivers\ESM7SK.sys (ENE Technology Inc.) DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.) DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (FiltUSBEMPIA) -- C:\Windows\System32\drivers\emFilter.sys (eMPIA Technology Inc.) DRV - (DCamUSBEMPIA) -- C:\Windows\System32\drivers\emDevice.sys (eMPIA Technology, Inc.) DRV - (ScanUSBEMPIA) -- C:\Windows\System32\drivers\emScan.sys (eMPIA Technology, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/skins7/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Suche Deutschland Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2303923&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?sourceid=navclient-ff" FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.17 14:50:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.06 16:42:45 | 000,000,000 | ---D | M] [2010.04.13 13:48:29 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions [2010.04.13 13:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009.03.12 22:50:55 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010.06.10 20:41:10 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions [2009.09.06 13:44:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.04.17 14:56:59 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.06.10 20:20:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.09.23 21:07:51 | 000,000,000 | ---D | M] (Suche Deutschland Toolbar) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{937f343c-c9c2-4235-b544-7fc4da2f2594} [2008.12.02 20:08:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009.03.28 18:05:43 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2009.10.27 17:36:39 | 000,002,235 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\askcom.xml [2009.06.03 12:14:08 | 000,000,896 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\conduit.xml [2010.06.08 15:59:06 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-1.xml [2009.03.28 15:34:55 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-10.xml [2009.04.23 13:49:06 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-11.xml [2009.04.29 19:07:01 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-12.xml [2009.06.14 18:57:49 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-13.xml [2009.07.23 15:57:35 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-14.xml [2009.08.05 02:01:11 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-15.xml [2009.11.07 00:02:06 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-16.xml [2009.11.20 23:36:03 | 000,000,659 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-17.xml [2010.01.06 17:31:51 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-18.xml [2010.01.26 20:28:55 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-19.xml [2008.07.04 23:09:31 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-2.xml [2010.03.28 14:34:22 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-20.xml [2010.03.30 15:20:04 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-21.xml [2010.04.04 22:50:27 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-22.xml [2010.04.17 14:57:04 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-23.xml [2008.07.16 17:02:22 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-3.xml [2008.09.27 20:00:30 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-4.xml [2008.09.27 20:44:11 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-5.xml [2008.11.16 21:24:20 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-6.xml [2008.12.20 19:42:26 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-7.xml [2009.02.07 09:23:39 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-8.xml [2009.03.07 19:08:47 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-9.xml [2010.04.22 13:33:22 | 000,000,945 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin.xml [2009.03.28 18:05:27 | 000,003,915 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\sweetim.xml [2010.05.06 16:43:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.01.26 18:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.08.07 19:52:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(11) [2009.06.01 10:53:14 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2010.05.06 16:43:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.05.06 16:42:17 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.03.17 17:36:11 | 000,000,569 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - No CLSID value found. O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (ZlangoBHO Class) - {C219F6EA-DE74-4E6C-A09F-4EC7DB9DA195} - C:\Programme\Zlango Pic-Talk\Zlango.dll (TODO: <Company name>) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - {014DA6C9-189F-421A-88CD-07CFE51CFF10} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - No CLSID value found. O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [cFosSpeed] C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Zlango - {F70C2C8A-3CE0-4fd8-8BCA-FC70180CE226} - C:\Programme\Zlango Pic-Talk\ZlangoToolbar.dll (TODO: <Company name>) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{13f1f7d0-3f8c-11de-bddb-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{13f1f7d0-3f8c-11de-bddb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{253b6d55-912a-11dd-b024-d2ae3017c9eb}\Shell - "" = AutoRun O33 - MountPoints2\{253b6d55-912a-11dd-b024-d2ae3017c9eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{253b6d6a-912a-11dd-b024-d2ae3017c9eb}\Shell - "" = AutoRun O33 - MountPoints2\{253b6d6a-912a-11dd-b024-d2ae3017c9eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{73370b15-92bd-11dd-b949-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{73370b15-92bd-11dd-b949-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{bc8b86dc-01df-11de-bfda-001c265c852a}\Shell - "" = AutoRun O33 - MountPoints2\{bc8b86dc-01df-11de-bfda-001c265c852a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{bc8b86e9-01df-11de-bfda-a48361ceb13e}\Shell - "" = AutoRun O33 - MountPoints2\{bc8b86e9-01df-11de-bfda-a48361ceb13e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.06.10 18:32:03 | 000,000,000 | ---D | C] -- C:\Programme\F-Secure [2010.06.10 18:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg [2010.06.10 18:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure [2010.06.09 20:28:10 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2 [2007.05.20 00:03:06 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll [2007.05.19 15:34:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll [5 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ] [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.06.11 15:36:04 | 003,932,160 | -HS- | M] () -- C:\Users\Julia\ntuser.dat [2010.06.11 15:23:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.06.11 15:23:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.06.11 15:19:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.06.11 15:18:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.06.11 12:41:10 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010.06.11 09:39:10 | 000,651,350 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.06.11 09:39:10 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.06.11 09:39:10 | 000,121,114 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.06.11 09:39:10 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.06.11 09:39:09 | 001,488,910 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.06.11 09:38:44 | 000,087,040 | ---- | M] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.11 09:23:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.06.11 09:23:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.06.11 09:22:54 | 2145,509,376 | -HS- | M] () -- C:\hiberfil.sys [2010.06.10 22:52:17 | 001,773,470 | -H-- | M] () -- C:\Users\Julia\AppData\Local\IconCache.db [2010.06.10 22:35:11 | 000,019,968 | ---- | M] () -- C:\Users\Julia\Documents\gebliste.doc [2010.06.10 22:35:10 | 000,015,718 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\wklnhst.dat [2010.06.10 22:13:07 | 000,002,623 | ---- | M] () -- C:\Users\Julia\Desktop\Microsoft Word.lnk [2010.06.10 20:21:16 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.05.21 16:23:44 | 000,000,042 | -H-- | M] () -- C:\Users\Julia\Desktop\.picasa.ini [5 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ] [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.06.10 22:16:50 | 000,019,968 | ---- | C] () -- C:\Users\Julia\Documents\gebliste.doc [2010.06.10 20:21:16 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.05.21 16:23:44 | 000,000,042 | -H-- | C] () -- C:\Users\Julia\Desktop\.picasa.ini [2010.04.20 14:31:02 | 000,000,736 | ---- | C] () -- C:\Windows\SamsungMaster.INI [2009.09.18 16:21:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2009.09.18 16:21:08 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2008.10.06 16:58:33 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2008.06.17 20:41:41 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008.06.17 20:41:41 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008.06.17 20:41:41 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008.06.17 20:41:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008.06.17 20:41:40 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2008.05.28 16:46:21 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.01.10 20:16:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008.01.10 20:15:30 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2007.11.18 21:28:13 | 000,394,240 | ---- | C] () -- C:\Windows\System32\Smab.dll [2007.11.18 21:28:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.08.28 00:54:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007.08.28 00:54:12 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007.05.20 02:52:39 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007.05.20 00:03:07 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007.05.19 15:36:19 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2007.05.19 15:34:47 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007.05.19 15:34:47 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007.05.19 15:34:24 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007.05.19 15:28:31 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll [2007.04.12 17:42:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007.04.12 17:41:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007.04.12 17:41:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007.04.12 17:40:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007.04.12 17:39:56 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007.04.12 17:39:48 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2007.02.06 02:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.12.25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 16 bytes -> C:\Users\Julia\Downloads:Shareaza.GUID @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C < End of report > |
|
13.06.2010, 13:18
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ich habe den ICQ-Virus Was ist denn jetzt mit Malwarebytes? Nimm Dir doch einfach mal mehr Zeit zum Lesen der Postings und Anleitungen, das würde uns diese unnötige Nachfragerei ersparen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu ich habe den ICQ-Virus |
| eingefangen, gefangen, gen, icq-virus, julia |
Linear-Darstellung
