Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Ich wurde gehackt und fühle mich nicht mehr sicher

Ich wurde gehackt und fühle mich nicht mehr sicher


Plagegeister aller Art und deren Bekämpfung: Ich wurde gehackt und fühle mich nicht mehr sicher

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 31.05.2012, 12:00   #1
Xaduras
 
Ich wurde gehackt und fühle mich nicht mehr sicher - Standard

Ich wurde gehackt und fühle mich nicht mehr sicher


Guten Tag,

vor kurzem wurde mein Blizzard-Spielaccount gehackt und obwohl ich mit Avast Premium und G-Data InternetSecurity 2013 (Testversion) keinerlei Schadsoftware entdeckt wurde (jeweils nur 1 zur selben Zeit installiert gewesen), fühle ich mich momentan nicht mehr sicher, da ich über meinen PC auch einige Finanzen kläre. (keine Log-File vorhanden)

Da ich durch Suchmaschinen bei Virenproblemen o.Ä immer auf Ihre Seite gestoßen bin, wollte ich auf Nummer sich gehen und hiermit um Ihre Hilfe bitten.

Hier der Inhalt aus der OTL.txt :

Code:
ATTFilter
OTL logfile created on: 31.05.2012 12:30:05 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\Pascal\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 77,95% Memory free
16,00 Gb Paging File | 14,08 Gb Available in Paging File | 88,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 114,34 Gb Free Space | 58,54% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 93,18 Gb Free Space | 47,71% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 168,16 Gb Free Space | 86,10% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 195,21 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive G: | 150,25 Gb Total Space | 150,16 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive H: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.31 12:21:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Pascal\Desktop\OTL.exe
PRC - [2012.04.05 05:21:03 | 000,985,592 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2012.04.05 04:46:46 | 001,538,040 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.10.25 22:14:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009.07.14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV - [2012.05.04 22:38:33 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.02 15:39:30 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2012.04.20 15:32:36 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.04.05 04:46:46 | 001,538,040 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.03.30 05:09:49 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011.12.08 03:08:21 | 000,229,520 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe -- (SXDS10)
SRV - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Spiele\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2007.11.15 11:17:04 | 000,160,272 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.30 00:00:48 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012.05.29 23:58:22 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012.05.29 23:54:25 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012.05.29 23:54:19 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012.05.29 23:54:17 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012.05.29 23:54:15 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012.05.02 15:39:14 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.11.28 14:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010.05.26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\BB44.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.12.25 11:30:52 | 000,190,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2007.09.21 04:13:22 | 000,040,464 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2007.09.21 04:13:08 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007.09.21 04:13:02 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.11.23 15:56:06 | 000,024,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2010.06.10 13:32:14 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2967869
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2967869
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A 42 C1 62 E7 A9 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2967869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mytalkpal.com/ffplugin: C:\Program Files (x86)\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll (Shanghai Qitai Tech. Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.09 22:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.04 22:38:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.29 19:25:35 | 000,000,000 | ---D | M]
 
[2011.11.23 16:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions
[2012.05.20 18:10:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Firefox\Profiles\ech13afx.default\extensions
[2012.05.20 18:10:30 | 000,000,000 | ---D | M] (GIGA Deutsch Community Toolbar) -- C:\Users\Pascal\AppData\Roaming\mozilla\Firefox\Profiles\ech13afx.default\extensions\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}
[2012.05.15 11:08:11 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Pascal\AppData\Roaming\mozilla\Firefox\Profiles\ech13afx.default\extensions\toolbar@ask.com
[2012.05.29 23:54:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.24 00:43:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.05.29 23:54:26 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.01.09 22:58:03 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.01.06 01:01:08 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\PASCAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECH13AFX.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.09 19:46:49 | 000,029,003 | ---- | M] () (No name found) -- C:\USERS\PASCAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECH13AFX.DEFAULT\EXTENSIONS\GROOVESHARKUNLOCKER@OVERLORD1337.XPI
[2012.05.04 22:38:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.08 03:08:21 | 000,063,632 | ---- | M] (soft Xpansion) -- C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll
[2011.12.29 19:25:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.05.04 22:38:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.04 22:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.04 22:38:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.04 22:38:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.04 22:38:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.04 22:38:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pascal\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: PDF Xpansion - the perfect PDF technology (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-sxpdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Talkpal Scriptable Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.30_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: GIGA Deutsch = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofahndfepeaeelmhdkjiihmofnokhmik\2.3.4.2_0\
CHR - Extension: Google Mail = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1CE76C93-A797-4CA2-AB3C-F4A6CFBA3440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AE4BCF6-CE4B-4425-98EB-B68C930818DE}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 11:02:01 | 000,000,055 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{46878b90-15d9-11e1-ac29-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{46878b90-15d9-11e1-ac29-806e6f6e6963}\Shell\AutoRun\command - "" = H:\BlueBirds.exe -- [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics)
O33 - MountPoints2\{52ccecf3-4de0-11e1-ab0b-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{52ccecf3-4de0-11e1-ab0b-00ff01000001}\Shell\AutoRun\command - "" = K:\OblivionLauncher.exe
O33 - MountPoints2\{adbe6130-15db-11e1-b612-00241dd6f505}\Shell - "" = AutoRun
O33 - MountPoints2\{adbe6130-15db-11e1-b612-00241dd6f505}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.31 12:21:52 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Pascal\Desktop\OTL.exe
[2012.05.31 12:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.05.31 11:58:40 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\G DATA
[2012.05.31 11:51:16 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\TuneUp Software
[2012.05.31 11:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.05.31 11:50:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.31 11:50:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.30 10:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012.05.30 00:00:48 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.05.29 23:58:22 | 000,010,760 | ---- | C] (G Data Software AG) -- C:\Windows\SysWow64\GdScrSv.de.dll
[2012.05.29 23:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2013
[2012.05.29 23:54:25 | 000,059,768 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.05.29 23:54:19 | 000,064,376 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.05.29 23:54:17 | 000,122,744 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.05.29 23:54:15 | 000,054,136 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.05.29 23:54:07 | 000,065,912 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.05.29 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.05.29 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2012.05.29 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2012.05.29 23:49:58 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Downloaded Installations
[2012.05.29 23:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.05.29 15:25:45 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\ESL Wire Game Client
[2012.05.29 15:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
[2012.05.29 15:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2012.05.14 17:48:25 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\Diablo III
[2012.05.14 17:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.05.14 12:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.05.04 22:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.04 22:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.31 12:25:54 | 000,015,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.31 12:25:54 | 000,015,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.31 12:21:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Pascal\Desktop\OTL.exe
[2012.05.31 12:18:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.31 12:18:38 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.31 12:17:39 | 000,000,202 | ---- | M] () -- C:\Users\Pascal\defogger_reenable
[2012.05.31 11:32:50 | 000,661,313 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.05.31 11:32:50 | 000,040,294 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.05.30 10:43:00 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.30 10:43:00 | 000,654,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.30 10:43:00 | 000,615,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.30 10:43:00 | 000,129,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.30 10:43:00 | 000,106,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.30 00:00:48 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.05.29 23:58:22 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.05.29 23:54:25 | 000,059,768 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.05.29 23:54:19 | 000,064,376 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.05.29 23:54:17 | 000,122,744 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.05.29 23:54:15 | 000,054,136 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.05.29 23:45:40 | 000,000,198 | ---- | M] () -- C:\Users\Pascal\Documents\cc_20120529_234539.reg
[2012.05.29 23:45:33 | 000,004,306 | ---- | M] () -- C:\Users\Pascal\Documents\cc_20120529_234526.reg
[2012.05.29 23:45:19 | 000,037,674 | ---- | M] () -- C:\Users\Pascal\Documents\cc_20120529_234503.reg
[2012.05.24 10:02:42 | 000,281,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.14 22:31:25 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\InstallationInfs
[2012.05.02 15:39:30 | 000,168,864 | ---- | M] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.05.02 15:39:14 | 000,147,472 | ---- | M] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.31 12:17:39 | 000,000,202 | ---- | C] () -- C:\Users\Pascal\defogger_reenable
[2012.05.30 10:40:13 | 000,661,313 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012.05.30 10:40:13 | 000,040,294 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2012.05.29 23:45:40 | 000,000,198 | ---- | C] () -- C:\Users\Pascal\Documents\cc_20120529_234539.reg
[2012.05.29 23:45:29 | 000,004,306 | ---- | C] () -- C:\Users\Pascal\Documents\cc_20120529_234526.reg
[2012.05.29 23:45:06 | 000,037,674 | ---- | C] () -- C:\Users\Pascal\Documents\cc_20120529_234503.reg
[2012.05.14 22:31:24 | 000,000,040 | ---- | C] () -- C:\Windows\SysNative\InstallationInfs
[2012.04.10 18:13:35 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2012.01.18 20:59:59 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.12.06 04:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.12.06 04:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.27 18:09:15 | 000,007,605 | ---- | C] () -- C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
[2011.11.24 17:41:18 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.11.23 16:01:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.23 15:56:04 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== LOP Check ==========
 
[2011.11.23 20:39:01 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Leadertech
[2012.01.12 16:52:25 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Lionhead Studios
[2011.11.23 20:59:34 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\LolClient
[2011.11.23 19:47:37 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Steganos
[2012.05.31 11:51:16 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\TuneUp Software
[2012.04.03 18:20:15 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Hier die Extras.txt:

Code:
ATTFilter
OTL Extras logfile created on: 31.05.2012 12:30:05 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\Pascal\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 77,95% Memory free
16,00 Gb Paging File | 14,08 Gb Available in Paging File | 88,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 114,34 Gb Free Space | 58,54% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 93,18 Gb Free Space | 47,71% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 168,16 Gb Free Space | 86,10% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 195,21 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive G: | 150,25 Gb Total Space | 150,16 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive H: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{110AE8D7-2D84-497D-9BED-A6809ECD1AF8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1A9FCC8A-693B-46DE-B47E-251A64CD9035}" = lport=139 | protocol=6 | dir=in | app=system | 
"{22DF863C-736B-4E5D-A8E6-22221ECAD031}" = rport=138 | protocol=17 | dir=out | app=system | 
"{2999C570-143A-4656-9865-93697C553FF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2E0D91B5-D02A-4D33-A303-5E6417165E35}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2E10083C-366F-4B02-91D2-6A996E83D5E0}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{34A99B02-760B-4E81-9FB2-A7C8F090CC3F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4C4E468A-3C61-4D45-97AB-556BCA913D02}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5D67BA95-6091-43BD-9571-1128C52E9663}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6BCBCE21-96AE-4DEF-90A0-9BF8AC8A1939}" = lport=138 | protocol=17 | dir=in | app=system | 
"{82CAEA8D-948D-43D5-95DD-65DC5CC639F1}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{86A86AD5-E3FA-46DA-84BA-3C71CAF6BD2C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{90D779ED-AFFF-447D-9D4E-5B3045947440}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A167BCA7-A6F5-406B-877C-42A3657F4D83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{ACF71CF0-B932-4F9F-A626-632670D5EB45}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B4D77B61-82B1-441D-A8DF-53A43F567214}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B778513F-13ED-44BF-935C-84E1C04A55CF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C1D4511F-A0DD-4D44-8231-25693725996A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CD581140-5988-4B18-9A0C-B3489480FAE2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D7CF9236-BA8A-4637-BBC2-6A8C5897C996}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{DE35EC1D-84B0-428A-89D1-4F78936939D5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{ED327E7C-3540-4362-AF0F-8C2EBE43877E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F82CB6E9-6A5B-469B-8AFA-B98A86078A70}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0012CAED-CA89-41F9-84D4-7DAB02C8FBCD}" = protocol=17 | dir=in | app=d:\spiele\mass effect\masseffectlauncher.exe | 
"{01D7F3B9-072F-417E-86A0-155410048C76}" = protocol=6 | dir=out | app=system | 
"{045B9906-4779-4399-BF3F-45416538DAE7}" = protocol=6 | dir=in | app=d:\spiele\mass effect 2\masseffect2launcher.exe | 
"{073C5642-88BD-40FF-8E0B-310E76BBBC33}" = protocol=17 | dir=in | app=d:\spiele\sum2\game.dat | 
"{0C2A8140-FDD4-4015-B796-38381AEEF401}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{1448262F-D122-4048-A15A-5B7D433ADDD5}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe | 
"{1571A47A-E669-429B-8D55-4B95816CE2CB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{16BE0B4D-E7B8-4CC9-B744-926CF0194E58}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe | 
"{1CAC5B16-5CA9-48CC-9A19-6EDB93B6FDBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1CDAC1BB-51E3-48B8-8AA8-FF262A34E8F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{1D6AFAFB-4ADB-4F27-A1D7-E95153F6400D}" = dir=in | app=c:\program files\eslwire\wire.exe | 
"{25BDF4B7-C104-4675-8544-45E3EC75C173}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{25FD779E-CBE2-4EE7-B319-5B2AEE121690}" = dir=out | app=c:\program files\eslwire\wire.exe | 
"{2C84CD88-001E-499E-A114-D2E6707D71C7}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe | 
"{38B0E7F6-4D07-40A9-95CA-EBA190D9382F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{396D4B0B-A840-4B79-BC9E-4BFC56DBC725}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{43D2CEED-0DB9-4E9D-ACE3-19BFEECBFEA4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{4569D798-B1D7-4E67-8FC4-DE0076F49C8A}" = protocol=17 | dir=in | app=d:\spiele\mass effect\binaries\masseffect.exe | 
"{459C586E-EF45-456D-A92D-1DBA8B5D6A96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{47BF632E-0C22-4DF6-B90B-8DE150E703FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe | 
"{4970FDC0-C49D-48B9-814E-9851129A9CF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4C57B183-0BC0-4899-AF9A-4F16A54B5FAB}" = protocol=6 | dir=in | app=d:\spiele\mass effect\masseffectlauncher.exe | 
"{4D5A55DD-E235-4032-B319-2B1874471CE1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{507438F7-A444-4EEE-B473-AB8D3F81583D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{520E1C41-5539-4ECF-AA96-7E41FC416559}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{52FBDD1C-9E22-49D8-AD30-6441BE96D6F7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{542FB5A9-922D-4B70-923C-4B495750D5EA}" = protocol=17 | dir=in | app=d:\spiele\fable iii\fable3.exe | 
"{598D733E-C873-495E-B914-80AC4E0FFDC2}" = protocol=6 | dir=in | app=d:\spiele\mass effect 2\binaries\masseffect2.exe | 
"{5A3405EF-FC39-4AA4-9498-210F4B1A46E5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\uef_boindil\counter-strike\hl.exe | 
"{5F39C0EE-3E1B-4C28-BB82-215211866BEC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5FBE6DCE-B2F8-4C0B-AF18-574DD3ADF41C}" = protocol=6 | dir=in | app=d:\spiele\mass effect\binaries\masseffect.exe | 
"{66047F25-B05D-485F-8368-614BE2F38E0D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\uef_boindil\counter-strike\hl.exe | 
"{6C52E426-0B34-47AE-9A3F-EEA6415B006A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\uef_boindil\condition zero\hl.exe | 
"{6C709509-E807-4ED4-91C6-D0ADE0DF5AD3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe | 
"{749462AA-3D60-4AD7-9D15-6B34CF45C940}" = protocol=17 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe | 
"{88364D12-3E64-46C8-8763-48FD2A08CC8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8C52F4C1-3B8D-4552-ABAA-5430B96F497B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8F32B3DA-DFFB-41D0-A909-59DC24800DC1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\uef_boindil\condition zero\hl.exe | 
"{97725A84-D096-482E-95FF-A9E0DADAB6A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{97DA4C73-BF6A-4825-923A-1EC9BCFD6459}" = protocol=17 | dir=in | app=d:\spiele\mass effect 2\masseffect2launcher.exe | 
"{9AA7B0E1-3A3C-40FA-83E1-6E262E9314A0}" = protocol=6 | dir=in | app=d:\spiele\sum2\game.dat | 
"{9B181996-2B25-4419-8077-CD53434234C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B29DC84-B202-44AA-80BF-55B4B2E87963}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A3D5FEBB-9CBB-45EA-A70C-785489390FED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A52DAEC7-C1F4-4ABA-AFD3-6E8ECC6A6AE6}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe | 
"{A82EE495-203C-4291-9B73-9DFF1403E431}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AAE5AB10-8712-41EE-9835-DC2885581445}" = protocol=17 | dir=in | app=d:\spiele\mass effect 2\binaries\masseffect2.exe | 
"{BE942382-77F5-407F-8163-2EF75D490FB5}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | 
"{C2B6353E-DCE2-4148-BF9D-F6F1DAF4EDE0}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | 
"{C5B901B1-F123-4863-AD3E-3D0BDE7B1FEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D2826703-1746-45CD-AC0F-130E48063D32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D6C4E0E5-EE07-4BDB-B658-6CF58A6A8D84}" = protocol=6 | dir=in | app=d:\spiele\fable iii\fable3.exe | 
"{D7ABDBC2-1C53-4ED1-BACD-A26F8A7E047E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E4AF0475-EB3E-4C89-9070-AA54C1E470FF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E895EEE5-CF22-44DF-BD49-0EF89CA2F51C}" = protocol=6 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe | 
"{F1EF4E75-83AD-40B2-BF1E-4F852C09A842}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE9F0B8-FF3D-5CAA-9BF2-CB6F3DF75D3B}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67303AC9-A9BA-E413-0001-AAC1C812947C}" = AMD Fuel
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B69A7CBA-9139-7ACB-7564-4CD5D8C36E26}" = AMD Drag and Drop Transcoding
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA54C4B1-98E3-AEFA-7254-C4038DC739AF}" = AMD Media Foundation Decoders
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.12.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1BF82343-8EE6-8B76-90CF-31059B9D1842}" = CCC Help English
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{70C3CC75-9E14-D215-8FAD-5ABEAE3125D9}" = AMD VISION Engine Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{960F8836-A5E6-4801-B889-69A9777660E4}" = Steganos Shredder 11
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A6D309F9-38AB-4cc3-8DA7-0544F5011788}" = soft Xpansion Perfect PDF 6 Converter
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E9D98510-A8B6-E39C-B8BA-BA9A511E040C}" = Catalyst Control Center Graphics Previews Common
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"dlancockpit" = devolo dLAN Cockpit
"EF Englishtown Advanced Speech Recognition_is1" = EF Englishtown Advanced Speech Recognition Version 4.6.449.1
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"PlugY, The Survival Kit" = PlugY, The Survival Kit
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 400" = Portal
"Steam App 55100" = Homefront
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 730" = Counter-Strike: Global Offensive Beta
"Steam App 80" = Counter-Strike: Condition Zero
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Warcraft III" = Warcraft III
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.05.2012 17:51:01 | Computer Name = Pascal-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 29.05.2012 17:51:01 | Computer Name = Pascal-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 29.05.2012 17:51:01 | Computer Name = Pascal-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 29.05.2012 17:51:01 | Computer Name = Pascal-PC | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 29.05.2012 17:54:40 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 29.05.2012 17:54:47 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 29.05.2012 17:54:47 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.05.2012 05:05:38 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: clxhkq.exe, Version: 0.0.0.0, Zeitstempel:
 0x4bfced95  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033fbb  ID des fehlerhaften Prozesses:
 0xdf8  Startzeit der fehlerhaften Anwendung: 0x01cd3e43611cf2b0  Pfad der fehlerhaften
 Anwendung: C:\Users\Pascal\AppData\Local\Temp\clxhkq.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 9f82f4e0-aa36-11e1-9cbc-00241dd6f505
 
Error - 30.05.2012 05:40:42 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: grjksj.exe, Version: 0.0.0.0, Zeitstempel:
 0x4bfced95  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033fbb  ID des fehlerhaften Prozesses:
 0x980  Startzeit der fehlerhaften Anwendung: 0x01cd3e48477c996c  Pfad der fehlerhaften
 Anwendung: C:\Users\Pascal\AppData\Local\Temp\grjksj.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 85755055-aa3b-11e1-9cbc-00241dd6f505
 
Error - 31.05.2012 05:48:54 | Computer Name = Pascal-PC | Source = Application Hang | ID = 1002
Description = Programm Steam.exe, Version 1.0.1065.11 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1104    Startzeit:
 01cd3f10909ea016    Endzeit: 60000    Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID:
 aa44b716-ab05-11e1-84ba-00241dd6f505  
 
[ System Events ]
Error - 28.04.2012 11:32:14 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 28.04.2012 15:51:26 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 29.04.2012 06:53:16 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 29.04.2012 15:58:48 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 30.04.2012 06:00:34 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 30.04.2012 13:45:59 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 01.05.2012 08:16:31 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 02.05.2012 09:02:50 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 02.05.2012 13:24:52 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
Error - 03.05.2012 08:30:04 | Computer Name = Pascal-PC | Source = amdkmdag | ID = 43038
Description = EDID contain an error in the RangeLimit field
 
 
< End of report >
Schon mal danke im Voraus

Mit freundlichen Grüßen

Xaduras

 

Themen zu Ich wurde gehackt und fühle mich nicht mehr sicher
adblock, antivirus, avast, avira, avira searchfree toolbar, bankguard, bho, error, fehler, firefox, flash player, format, g-data, helper, home, install.exe, langs, locker, logfile, mozilla, ntdll.dll, plug-in, realtek, registry, rundll, scan, searchscopes, security, server, suchmaschine, svchost.exe, teamspeak, windows


« Ukash 100€ Trojaner Windows XP SP3 PC infiziert | Hilfe! Paysafe-Trojaner »


Ähnliche Themen: Ich wurde gehackt und fühle mich nicht mehr sicher


  1. weis nicht mehr weiter ist mein PC noch sicher
    Plagegeister aller Art und deren Bekämpfung - 15.11.2015 (10)
  2. Bin mir nicht sicher, hab mich am Telefon reinlegen lassen, angeblich vom MS- Support, und habe diesen per teamwiever auf meinem PC gelassen
    Plagegeister aller Art und deren Bekämpfung - 09.06.2015 (11)
  3. Trojan.Agent.CK gefunden - WIN neu aufgesetzt - Fühle mich dennoch unsicher (Stichwort: Externe Festplatte)
    Log-Analyse und Auswertung - 10.11.2014 (11)
  4. Windows XP ist nicht mehr sicher...
    Plagegeister aller Art und deren Bekämpfung - 19.02.2014 (23)
  5. Avira meldete Virus, bin nicht sicher ob dieser einwandfrei behandelt wurde
    Log-Analyse und Auswertung - 15.11.2013 (5)
  6. Skype Virus angeklickt aber nicht ausgeführt wurde nun gerne wissen ob mein PC sicher ist
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (1)
  7. Ein Online Account wurde gehackt... System sicher?
    Log-Analyse und Auswertung - 29.12.2011 (25)
  8. Trojan.SpyEyes .. Computer jetzt nicht mehr sicher?
    Plagegeister aller Art und deren Bekämpfung - 13.07.2011 (5)
  9. Problem mit TR/fakesysdef.b - nicht sicher ob alles beseitigt wurde
    Plagegeister aller Art und deren Bekämpfung - 02.02.2011 (2)
  10. WOW-Account gehackt - Bin ich noch sicher?
    Log-Analyse und Auswertung - 03.07.2010 (7)
  11. Fühle mich unsicher
    Log-Analyse und Auswertung - 23.03.2009 (6)
  12. WPA2 auch nicht mehr sicher?
    Netzwerk und Hardware - 14.10.2008 (2)
  13. Oh man....ich fühle mich so hilflos :)
    Mülltonne - 20.06.2008 (0)
  14. Fühle mich beobachtet - kleinere "Unregelmäßigkeiten"
    Log-Analyse und Auswertung - 21.10.2007 (3)
  15. wurde gehackt und weiß nicht weiter
    Plagegeister aller Art und deren Bekämpfung - 10.08.2007 (7)
  16. Wie siehts jetzt mit meiner File aus? Bin nicht sicher ob alles bereinigt wurde
    Log-Analyse und Auswertung - 03.12.2005 (2)
  17. fühle mich nicht mehr sicher
    Log-Analyse und Auswertung - 09.11.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ich wurde gehackt und fühle mich nicht mehr sicher - Guten Tag, vor kurzem wurde mein Blizzard-Spielaccount gehackt und obwohl ich mit Avast Premium und G-Data InternetSecurity 2013 (Testversion) keinerlei Schadsoftware entdeckt wurde (jeweils nur 1 zur selben Zeit installiert - Ich wurde gehackt und fühle mich nicht mehr sicher...
Archiv
Du betrachtest: Ich wurde gehackt und fühle mich nicht mehr sicher auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132