Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Computer hängt sich nach dem Start auf!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.06.2012, 11:59   #1
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Hey Leute also ich hab vor 2 Tagen den GVU Virus bekommen. Wusste natürlich sofort, dass es ein Fake ist da ich so etwas ähnliches schon mal hatte. Ich hab meinen Lappy also im Abgesicherten Modus gestartet und Anti Malwarebyte drüberlaufen lassen. Der hatte dann auch 7 Funde natürlich erstmal gelöscht. Wenn ich jetzt meinen PC aber im normalen Modus öffne und etwas anklicke hängt der sich nach paar Sekunden auf und es geht gar nix mehr. Kann nichts mehr klicken Maus bewegt sich nicht gar nix geht. Das komische ist, dass es im Abgesicherten Modus nicht passiert. Manchmal kommt nach dem Start auch so ein komischer Fehler der wie folgt aussieht " Fehler beim laden von C:/Users/........... Das angegebene Modul wurde nicht gefunden" Bei den Pünktchen weiß ich nicht mehr genau was da stand aber es führte zu irgendeiner .dll Datei. Hoffe ihr könnt mir helfen. Und tut mir leid habe das mit den Programmen und Logs hinzufügen nicht so verstanden. Wäre cool wenn mir das einer genauer erläutern könnte was ich da herunterladen muss und was ich wo einfügen muss.

Danke schon mal im Voraus.


MFG

deniznpl

Sorry für Doppelpost aber keine eine Idee??

Alt 29.06.2012, 13:53   #2
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Keiner der helfen kann?
__________________


Alt 29.06.2012, 16:48   #3
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



hi
du hast dich schon mal umgeguckt wie viel hier los ist?
3 tage wartezeit ist da normal.
welche fehlermeldung gibts genau?
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________
__________________

Alt 30.06.2012, 19:40   #4
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Hi erstmal danke für die Antwort. Tut mir leid bin noch ganz neu hier wusste nicht wie lange die Wartezeiten so sind. Mein Posts hat sich immer mehr nach hinten verschoben dann dachte ich es wird nicht mehr gefunden. Naja wird nicht mehr vorkommen ab jetzt. Hier der Text vom OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.06.2012 20:13:14 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Users\WINSTEAD\Downloads\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 82,37% Memory free
6,13 Gb Paging File | 5,83 Gb Available in Paging File | 95,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 14,36 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 263,76 Gb Free Space | 88,48% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 66,34 Gb Free Space | 46,06% Space Free | Partition Type: NTFS
 
Computer Name: DENIZ-GAMER-PC | User Name: WINSTEAD | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.30 20:10:33 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\WINSTEAD\Downloads\Desktop\OTL.exe
PRC - [2010.09.08 14:59:41 | 000,755,096 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\AAWWSC.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.04.15 02:12:33 | 000,250,736 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll
MOD - [2010.07.04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Programme\Unlocker\UnlockerCOM.dll
MOD - [2009.08.16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.05.09 03:00:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 03:00:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.21 17:59:29 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.09 04:30:38 | 000,018,472 | ---- | M] (WeGame.com, Inc.) [Auto | Stopped] -- C:\Programme\WeGame\wgclientservice.exe -- (WeGameClientService)
SRV - [2011.04.15 02:12:19 | 001,378,040 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Programme\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.28 16:47:30 | 000,246,520 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.02.13 21:45:42 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.02.13 21:45:36 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.09 14:42:14 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.12.09 17:33:08 | 003,471,360 | ---- | M] () [Auto | Stopped] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008.10.16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.10.16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.07.20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.02.27 11:06:28 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxdpcoms.exe -- (lxdp_device)
SRV - [2008.02.27 11:06:12 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdpserv.exe -- (lxdpCATSCustConnectService)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Stopped] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Stopped] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\DKbFltr.sys -- (DKbFltr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.05.15 12:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.05.09 03:00:15 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 03:00:14 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.18 19:08:04 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.02.22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012.01.11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.03.29 15:31:06 | 000,812,448 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV - [2010.11.08 14:08:14 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010.10.13 13:19:54 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2010.10.04 17:41:39 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.09.08 14:59:42 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.07.26 13:24:46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.07.26 13:24:42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.12.09 17:33:03 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.11.17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.28 09:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.05.09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.04.25 11:31:26 | 000,146,688 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008.04.21 05:07:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.16 19:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.03.28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2005.08.17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005.08.17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005.08.17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1208&m=aspire_7730g
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14672
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {FEDB6AF3-8938-45B8-B847-8F261D80C1BD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100581&tt=110911_startpage
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{af3d7884-b142-414e-943d-75d8d54e1fff}: "URL" = hxxp://searchtronic.net/search?query={searchTerms}&i=61&tp=chrome
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
IE - HKCU\..\SearchScopes\{CFBC8768-118B-460A-9E44-8A1360DF10BF}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYDE&apn_uid=29788ce3-48d4-4f7c-824e-95074bc1b291&apn_sauid=8EE706C2-56C8-4EFC-ACA0-379559BE535B
IE - HKCU\..\SearchScopes\{FEDB6AF3-8938-45B8-B847-8F261D80C1BD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE343
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.5.6.0
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=de_DE&apn_uid=29788ce3-48d4-4f7c-824e-95074bc1b291&apn_ptnrs=T8&apn_sauid=8EE706C2-56C8-4EFC-ACA0-379559BE535B&apn_dtid=YYYYYYYYDE&&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\WINSTEAD\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\WINSTEAD\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\WINSTEAD\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.18 17:50:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.13 14:27:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.14 19:36:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.18 17:51:01 | 000,000,000 | ---D | M]
 
[2009.12.01 19:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Extensions
[2012.06.18 22:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions
[2009.12.01 19:25:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.06 04:59:43 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2012.04.02 04:35:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.04.09 17:33:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.14 21:16:58 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012.03.30 03:35:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.03.02 13:10:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(66)
[2011.09.20 23:18:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\ffxtlbr@babylon.com
[2012.06.18 22:30:55 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\ffxtlbra@softonic.com
[2012.06.20 06:00:23 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\WINSTEAD\AppData\Roaming\mozilla\Firefox\Profiles\v36vcd7x.default\extensions\toolbar@ask.com
[2012.06.30 20:04:07 | 000,002,401 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\askcom.xml
[2012.06.04 22:06:34 | 000,000,917 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\conduit.xml
[2012.06.30 20:06:00 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-11.xml
[2011.12.01 17:40:16 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-12.xml
[2012.04.09 20:20:57 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-13.xml
[2010.10.29 17:55:26 | 000,000,961 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-2.xml
[2010.12.10 06:32:00 | 000,000,961 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-3.xml
[2011.03.24 03:40:29 | 000,000,961 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-4.xml
[2011.04.08 02:39:28 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-5.xml
[2011.04.09 04:29:43 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-6.xml
[2011.04.30 17:20:56 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-7.xml
[2011.06.21 21:57:53 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-8.xml
[2011.06.26 00:42:46 | 000,000,950 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin-9.xml
[2010.10.18 05:54:49 | 000,001,069 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Mozilla\Firefox\Profiles\v36vcd7x.default\searchplugins\icqplugin.xml
[2012.06.14 19:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.11.06 15:12:42 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.01.05 15:17:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012.06.14 19:36:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.01.07 20:08:31 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\WINSTEAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V36VCD7X.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.09.13 14:27:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.15 14:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2011.09.13 14:27:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.20 23:18:21 | 000,002,227 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.13 14:27:34 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.20 18:02:48 | 000,002,231 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml
[2011.09.13 14:27:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.08.15 17:38:42 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2011.09.13 14:27:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.13 14:27:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.13 14:27:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.29 18:59:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\WINSTEAD\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\WINSTEAD\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [lxdpmon.exe] C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKCU..\Run: []  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\WINSTEAD\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O9 - Extra Button: SecretCity 3DChat - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} - C:\PROGRA~1\SECRET~1\\SECRET~1.EXE File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E6AE4EF-C04C-45F9-8F7E-23246DA528DA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABD8BC1E-19D7-4F73-B0E6-C9BABFA0087A}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: ({DLL_Str}) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\WINSTEAD\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\WINSTEAD\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^Users^WINSTEAD^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^WINSTEAD^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpFolder: C:^Users^WINSTEAD^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^The Matrix_ Path of Neo Registration.lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^WINSTEAD^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk - C:\Programme\Xfire\Xfire.exe - (Xfire Inc.)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\EADMUI\Core.exe (Electronic Arts)
MsConfig - StartUpReg: ESL Wire - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark Z2300 Series\ezprint.exe (Lexmark International Inc.)
MsConfig - StartUpReg: FILSHtray - hkey= - key= - C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig - StartUpReg: ManyCam - hkey= - key= -  File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaMusic FastStart - hkey= - key= - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: Razer Imperator Driver - hkey= - key= - C:\Programme\Razer\Imperator\RazerImperatorSysTray.exe (Razer USA Ltd)
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= -  File not found
MsConfig - StartUpReg: UnlockerAssistant - hkey= - key= - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - StartUpReg: Xvid - hkey= - key= - C:\Programme\Xvid\CheckUpdate.exe ()
MsConfig - StartUpReg: ZPdtWzdVitaKey MC3000 - hkey= - key= - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.06.30 20:10:32 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\WINSTEAD\Downloads\Desktop\OTL.exe
[2012.06.29 14:34:45 | 000,000,000 | ---D | C] -- C:\Users\WINSTEAD\Downloads\Desktop\k
[2012.06.27 23:38:24 | 000,000,000 | ---D | C] -- C:\Users\WINSTEAD\Option
[2012.06.27 08:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.06.27 08:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.06.26 17:43:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.26 17:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.26 17:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.26 05:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.06.26 04:57:21 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.06.26 04:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.06.26 04:56:13 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.06.21 00:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\MWS Reader 4
[2012.06.14 19:37:40 | 000,000,000 | ---D | C] -- C:\League of Legends
[2012.06.14 19:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.06.14 19:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.06.06 04:41:29 | 000,000,000 | ---D | C] -- C:\Users\WINSTEAD\Documents\Amnesia
[2007.08.13 18:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\WINSTEAD\AppData\Local\CDRip.dll
[2007.01.18 22:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\WINSTEAD\AppData\Local\No23 Recorder.exe
[2006.12.11 20:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\WINSTEAD\AppData\Local\basscd.dll
[2006.12.11 20:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\WINSTEAD\AppData\Local\bass.dll
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.30 20:10:33 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\WINSTEAD\Downloads\Desktop\OTL.exe
[2012.06.30 20:04:59 | 000,678,774 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.30 20:04:59 | 000,639,840 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.30 20:04:59 | 000,147,376 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.30 20:04:59 | 000,121,530 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.30 20:01:22 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.06.30 20:00:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.29 14:39:31 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.06.29 14:39:30 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.29 14:39:17 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.29 14:39:16 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.29 03:04:28 | 000,001,356 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Local\d3d9caps.dat
[2012.06.29 02:03:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.06.29 01:45:49 | 000,001,286 | ---- | M] () -- C:\Users\WINSTEAD\Documents\cc_20120629_014540.reg
[2012.06.29 00:39:42 | 000,014,744 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\bal_37155806.onlineBild.jpg
[2012.06.29 00:38:40 | 000,050,746 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\topelement.jpg
[2012.06.28 09:59:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.27 22:18:33 | 000,328,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.27 11:18:57 | 000,001,893 | ---- | M] () -- C:\Windows\System32\Preferences.xml
[2012.06.27 11:18:57 | 000,001,893 | ---- | M] () -- C:\Windows\System32\Preferences.bak
[2012.06.27 11:16:23 | 000,000,584 | ---- | M] () -- C:\Windows\System32\DeviceConfig.xml
[2012.06.27 11:16:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\DeviceConfig.bak
[2012.06.27 11:15:58 | 000,005,268 | ---- | M] () -- C:\Windows\System32\Default.session
[2012.06.27 11:15:58 | 000,000,228 | ---- | M] () -- C:\Windows\System32\SysConfig.xml
[2012.06.27 11:15:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SysConfig.bak
[2012.06.27 11:15:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Default.bak
[2012.06.27 08:53:00 | 000,447,726 | ---- | M] () -- C:\Users\WINSTEAD\Documents\cc_20120627_085230.reg
[2012.06.27 08:21:02 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.27 05:31:12 | 000,104,960 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.26 17:43:07 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.26 17:34:37 | 004,503,728 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012.06.26 12:39:47 | 000,001,724 | ---- | M] () -- C:\Users\WINSTEAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.25 17:32:28 | 000,000,480 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for WINSTEAD.job
[2012.06.24 23:51:34 | 007,797,296 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\vid-20120624-wa0001.mp4
[2012.06.24 09:33:32 | 219,194,706 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\Dragonball Z Shin Budokai.cso
[2012.06.24 07:08:45 | 855,638,016 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\Tekken.6.2009.PSP.iso
[2012.06.23 12:00:16 | 011,653,847 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\Lloyd Banks ft Kanye West, Swizz Beatz, Fabolous  Ryan Leslie   Start It Up [New CDQ 2010 HFM2].mp3
[2012.06.23 11:58:29 | 008,689,368 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\J Doe feat Busta Rhymes T Pain  David Banner   Coke Dope Crack Smack.mp3
[2012.06.20 09:14:30 | 000,071,784 | ---- | M] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 2.sfk
[2012.06.20 09:14:30 | 000,030,608 | ---- | M] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 1.sfk
[2012.06.20 09:13:48 | 009,180,122 | ---- | M] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 2.wav
[2012.06.20 09:09:58 | 003,910,178 | ---- | M] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 1.wav
[2012.06.19 01:13:39 | 018,727,760 | ---- | M] () -- C:\Users\WINSTEAD\Downloads\Desktop\ts3_recording_12_06_19_1_12_0.wav
[2012.06.14 21:23:04 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.29 14:39:57 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.06.29 01:45:42 | 000,001,286 | ---- | C] () -- C:\Users\WINSTEAD\Documents\cc_20120629_014540.reg
[2012.06.29 00:39:42 | 000,014,744 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\bal_37155806.onlineBild.jpg
[2012.06.29 00:38:39 | 000,050,746 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\topelement.jpg
[2012.06.27 22:55:58 | 000,001,724 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.27 11:18:55 | 000,001,893 | ---- | C] () -- C:\Windows\System32\Preferences.xml
[2012.06.27 11:18:55 | 000,001,893 | ---- | C] () -- C:\Windows\System32\Preferences.bak
[2012.06.27 11:16:23 | 000,000,584 | ---- | C] () -- C:\Windows\System32\DeviceConfig.xml
[2012.06.27 11:16:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\DeviceConfig.bak
[2012.06.27 11:15:58 | 000,005,268 | ---- | C] () -- C:\Windows\System32\Default.session
[2012.06.27 11:15:58 | 000,000,228 | ---- | C] () -- C:\Windows\System32\SysConfig.xml
[2012.06.27 11:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SysConfig.bak
[2012.06.27 11:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Default.bak
[2012.06.27 08:52:34 | 000,447,726 | ---- | C] () -- C:\Users\WINSTEAD\Documents\cc_20120627_085230.reg
[2012.06.27 08:21:02 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.26 17:43:07 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.26 12:39:46 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012.06.26 04:56:57 | 000,011,190 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012.06.24 23:51:34 | 007,797,296 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\vid-20120624-wa0001.mp4
[2012.06.24 12:15:00 | 563,086,169 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\Tekken 6.iso
[2012.06.24 08:36:31 | 219,194,706 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\Dragonball Z Shin Budokai.cso
[2012.06.24 06:40:44 | 855,638,016 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\Tekken.6.2009.PSP.iso
[2012.06.23 12:00:16 | 011,653,847 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\Lloyd Banks ft Kanye West, Swizz Beatz, Fabolous  Ryan Leslie   Start It Up [New CDQ 2010 HFM2].mp3
[2012.06.23 11:58:29 | 008,689,368 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\J Doe feat Busta Rhymes T Pain  David Banner   Coke Dope Crack Smack.mp3
[2012.06.20 09:13:48 | 000,071,784 | ---- | C] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 2.sfk
[2012.06.20 09:09:58 | 009,180,122 | ---- | C] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 2.wav
[2012.06.20 09:09:58 | 000,030,608 | ---- | C] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 1.sfk
[2012.06.20 09:09:31 | 003,910,178 | ---- | C] () -- C:\Users\WINSTEAD\Documents\Track 1 Recording 1.wav
[2012.06.19 01:12:01 | 018,727,760 | ---- | C] () -- C:\Users\WINSTEAD\Downloads\Desktop\ts3_recording_12_06_19_1_12_0.wav
[2012.06.14 21:23:04 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.03.19 23:31:36 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.03.19 23:31:36 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.03.19 21:46:53 | 000,001,431 | ---- | C] () -- C:\Windows\SplitCam.INI
[2012.03.19 06:14:07 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.10.09 10:32:33 | 000,000,004 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Roaming\steam_md4.dat
[2011.09.20 23:20:38 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.09.17 14:40:38 | 000,000,045 | ---- | C] () -- C:\Windows\tkkg_5.ini
[2011.09.17 14:40:28 | 000,182,528 | ---- | C] () -- C:\Windows\PI.EXE
[2011.08.16 00:15:24 | 000,107,248 | ---- | C] () -- C:\Users\WINSTEAD\auditore.jpg
[2011.07.28 17:52:50 | 000,000,780 | ---- | C] () -- C:\Users\WINSTEAD\WeGame.lnk
[2011.07.25 20:52:06 | 000,000,843 | ---- | C] () -- C:\Users\WINSTEAD\Avidemux 2.5 (32-bit).lnk
[2011.07.19 22:27:11 | 000,018,187 | ---- | C] () -- C:\Users\WINSTEAD\bewerbungilde.odt
[2011.06.14 23:28:36 | 000,037,211 | ---- | C] () -- C:\Users\WINSTEAD\tombstone.jpg
[2011.06.08 16:39:19 | 000,000,253 | ---- | C] () -- C:\Users\WINSTEAD\Launch Hitman Blood Money.lnk
[2011.06.05 21:54:32 | 000,075,647 | ---- | C] () -- C:\Users\WINSTEAD\wayne.xps
[2011.05.25 14:25:44 | 000,000,545 | ---- | C] () -- C:\Users\WINSTEAD\prototypef - Verknüpfung.lnk
[2011.05.07 13:54:09 | 000,472,576 | ---- | C] () -- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
[2011.05.05 19:15:12 | 000,000,524 | ---- | C] () -- C:\Users\WINSTEAD\Fraps.lnk
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.29 22:33:28 | 000,000,000 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Roaming\fggi.ini
[2011.01.17 02:08:25 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.01.06 00:19:29 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2011.01.06 00:19:29 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.01.06 00:19:29 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2010.11.17 23:04:27 | 000,001,100 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\d3d8caps.dat
[2010.11.06 15:13:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.02 02:50:50 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010.09.29 18:14:09 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.09.29 18:14:09 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.09.29 18:14:09 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.09.29 18:14:09 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.09.29 18:14:09 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.09.13 15:48:21 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2010.09.13 15:48:21 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2010.09.13 15:48:21 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2010.09.13 15:48:21 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2010.08.29 05:14:57 | 669,204,480 | ---- | C] () -- C:\Users\WINSTEAD\Call of Duty CD-2.ISO
[2010.08.29 05:14:48 | 635,731,968 | ---- | C] () -- C:\Users\WINSTEAD\Call of Duty CD-1.ISO
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.15 14:33:49 | 000,022,328 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Roaming\PnkBstrK.sys
[2009.12.09 00:01:35 | 000,001,356 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\d3d9caps.dat
[2009.12.05 09:00:29 | 000,001,472 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\RecConfig.xml
[2009.12.02 17:57:53 | 000,104,960 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.10.26 02:06:48 | 000,064,000 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\vorbisenc.dll
[2006.10.26 02:06:48 | 000,019,456 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\vorbisfile.dll
[2006.10.26 02:06:46 | 000,143,872 | ---- | C] () -- C:\Users\WINSTEAD\AppData\Local\vorbis.dll
[2006.05.24 20:09:56 | 008,171,520 | ---- | C] () -- C:\Users\WINSTEAD\HitmanBloodMoney.exe
[2006.04.13 13:29:50 | 000,087,600 | ---- | C] () -- C:\Program Files\YamiGsg9Fake.vtf
[2006.04.13 13:29:50 | 000,000,067 | ---- | C] () -- C:\Program Files\YamiGsg9Fake.vmt
[2005.09.26 10:24:44 | 000,123,304 | ---- | C] () -- C:\Users\WINSTEAD\Mutlu__Ornamental.ttf
 
========== LOP Check ==========
 
[2011.04.24 21:51:27 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\.minecraft
[2008.10.31 23:43:28 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Acer GameZone Console
[2010.08.09 16:33:41 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Ahet
[2009.12.02 00:19:57 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Audacity
[2011.07.25 20:57:02 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\avidemux
[2012.06.27 08:31:20 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Azureus
[2012.06.24 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\BitComet
[2011.03.08 14:32:49 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Canneverbe Limited
[2012.06.27 08:31:25 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\DAEMON Tools Lite
[2010.08.15 17:07:43 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\DAEMON Tools Net
[2012.04.09 17:33:56 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\DVDVideoSoft
[2012.04.09 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.12 21:51:56 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Electronic Arts
[2010.02.09 02:23:16 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Facebook
[2010.03.24 23:50:15 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\FloodLightGames
[2010.03.01 06:08:32 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\FreeFLVConverter
[2011.01.09 02:40:04 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\GameRanger
[2012.05.14 18:53:24 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\GetRightToGo
[2010.08.15 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Gutscheinmieze
[2010.12.03 02:33:05 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\ICQ
[2010.11.08 14:15:03 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Leadertech
[2010.11.06 16:48:40 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\LolClient
[2012.05.24 06:45:28 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\LolClient2
[2012.03.20 04:44:46 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\ManyCam
[2010.01.14 22:59:39 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Mumble
[2011.01.18 18:05:47 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Nokia
[2010.07.30 19:51:10 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\OpenCandy
[2011.01.05 15:25:24 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\OpenOffice.org
[2011.01.18 18:33:41 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\PC Suite
[2009.12.07 07:32:19 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Publish Providers
[2011.08.13 13:01:15 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\PunkBuster
[2009.12.24 19:04:48 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Sony
[2011.12.28 00:22:30 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\TeamViewer
[2012.02.14 21:33:17 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\thriXXX
[2012.02.21 19:47:04 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\TS3Client
[2009.12.16 11:45:41 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\TuneUp Software
[2010.10.30 18:27:01 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Ubisoft
[2010.08.09 05:13:55 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Unawid
[2011.01.03 03:24:27 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Unity
[2010.07.04 04:12:01 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Utherverse
[2012.06.27 08:31:20 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\uTorrent
[2012.03.19 05:53:21 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\WebcamMax
[2010.02.28 06:19:41 | 000,000,000 | ---D | M] -- C:\Users\WINSTEAD\AppData\Roaming\Youtube Downloader HD
[2012.06.29 14:39:31 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2012.06.30 20:01:22 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.06.29 02:03:16 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010.09.29 18:59:34 | 000,000,000 | ---D | M] -- C:\$RECYCLE.BIN
[2010.03.25 00:03:46 | 000,000,000 | ---D | M] -- C:\ACER
[2010.09.29 18:57:51 | 000,000,000 | ---D | M] -- C:\Boot
[2010.09.29 19:07:27 | 000,000,000 | ---D | M] -- C:\ComboFix
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.08.31 09:00:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.06.24 09:35:43 | 000,000,000 | ---D | M] -- C:\Downloads
[2010.11.10 22:04:43 | 000,000,000 | ---D | M] -- C:\EGIS_Drive
[2011.05.05 19:15:37 | 000,000,000 | ---D | M] -- C:\Fraps
[2010.03.18 19:59:40 | 000,000,000 | ---D | M] -- C:\Intel
[2012.06.14 21:11:29 | 000,000,000 | ---D | M] -- C:\League of Legends
[2009.12.12 08:37:48 | 000,000,000 | ---D | M] -- C:\logs
[2011.01.07 08:36:53 | 000,000,000 | ---D | M] -- C:\MyCaptures
[2012.06.26 04:56:13 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.06.27 08:21:00 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.06.26 12:39:46 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.08.31 09:00:18 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.09.29 19:07:26 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012.05.18 06:30:09 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.06.26 19:52:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.17 14:40:33 | 000,000,000 | ---D | M] -- C:\TIVOLA
[2010.08.21 03:13:02 | 000,000,000 | R--D | M] -- C:\Users
[2012.06.29 14:35:06 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
[2007.01.18 22:09:54 | 000,623,616 | ---- | M] (Ivan Bischof ©2003 - 2005) -- C:\Users\WINSTEAD\AppData\Local\No23 Recorder.exe
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys
[2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2011.08.16 00:15:24 | 000,107,248 | ---- | M] () -- C:\Users\WINSTEAD\auditore.jpg
[2011.07.25 20:52:06 | 000,000,843 | ---- | M] () -- C:\Users\WINSTEAD\Avidemux 2.5 (32-bit).lnk
[2011.07.19 22:08:40 | 000,001,666 | ---- | M] () -- C:\Users\WINSTEAD\bewerbunggilde.txt
[2011.07.19 22:27:13 | 000,018,187 | ---- | M] () -- C:\Users\WINSTEAD\bewerbungilde.odt
[2010.08.29 05:48:24 | 635,731,968 | ---- | M] () -- C:\Users\WINSTEAD\Call of Duty CD-1.ISO
[2010.08.29 05:45:47 | 669,204,480 | ---- | M] () -- C:\Users\WINSTEAD\Call of Duty CD-2.ISO
[2011.07.16 00:24:27 | 000,000,524 | ---- | M] () -- C:\Users\WINSTEAD\Fraps.lnk
[2011.06.19 18:15:09 | 008,171,520 | ---- | M] () -- C:\Users\WINSTEAD\HitmanBloodMoney.exe
[2008.02.26 20:03:18 | 000,345,088 | ---- | M] () -- C:\Users\WINSTEAD\INFORMATION.doc
[2011.06.08 16:39:19 | 000,000,253 | ---- | M] () -- C:\Users\WINSTEAD\Launch Hitman Blood Money.lnk
[2011.06.18 20:07:01 | 000,123,304 | ---- | M] () -- C:\Users\WINSTEAD\Mutlu__Ornamental.ttf
[2012.06.30 20:13:24 | 008,650,752 | -HS- | M] () -- C:\Users\WINSTEAD\ntuser.dat
[2012.06.30 20:13:24 | 000,262,144 | -H-- | M] () -- C:\Users\WINSTEAD\ntuser.dat.LOG1
[2009.12.01 19:09:54 | 000,000,000 | -H-- | M] () -- C:\Users\WINSTEAD\ntuser.dat.LOG2
[2010.04.04 14:49:12 | 000,065,536 | -HS- | M] () -- C:\Users\WINSTEAD\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.04 14:49:12 | 000,524,288 | -HS- | M] () -- C:\Users\WINSTEAD\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.12.01 22:30:34 | 000,524,288 | -HS- | M] () -- C:\Users\WINSTEAD\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2012.06.29 14:59:48 | 000,065,536 | -HS- | M] () -- C:\Users\WINSTEAD\ntuser.dat{612640da-3fe7-11df-a314-00ff01000001}.TM.blf
[2011.10.27 21:07:00 | 000,524,288 | -HS- | M] () -- C:\Users\WINSTEAD\ntuser.dat{612640da-3fe7-11df-a314-00ff01000001}.TMContainer00000000000000000001.regtrans-ms
[2012.06.29 14:59:48 | 000,524,288 | -HS- | M] () -- C:\Users\WINSTEAD\ntuser.dat{612640da-3fe7-11df-a314-00ff01000001}.TMContainer00000000000000000002.regtrans-ms
[2009.12.01 19:09:54 | 000,000,020 | -HS- | M] () -- C:\Users\WINSTEAD\ntuser.ini
[2011.05.25 14:25:38 | 000,000,545 | ---- | M] () -- C:\Users\WINSTEAD\prototypef - Verknüpfung.lnk
[2011.07.18 15:20:36 | 000,000,019 | ---- | M] () -- C:\Users\WINSTEAD\tomaacc.txt
[2011.06.14 23:40:43 | 000,037,211 | ---- | M] () -- C:\Users\WINSTEAD\tombstone.jpg
[2011.06.05 21:54:33 | 000,075,647 | ---- | M] () -- C:\Users\WINSTEAD\wayne.xps
[2011.07.28 17:52:50 | 000,000,780 | ---- | M] () -- C:\Users\WINSTEAD\WeGame.lnk
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:8AB6C1D7

< End of report >
         
--- --- ---



Und die Extra Datei
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.06.2012 20:13:14 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Users\WINSTEAD\Downloads\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 82,37% Memory free
6,13 Gb Paging File | 5,83 Gb Available in Paging File | 95,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 14,36 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 263,76 Gb Free Space | 88,48% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 66,34 Gb Free Space | 46,06% Space Free | Partition Type: NTFS
 
Computer Name: DENIZ-GAMER-PC | User Name: WINSTEAD | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CB87AF2-0C51-47E0-9437-7AFBFCCAABAB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2D9E1C29-8D5C-4A57-8454-387B725286E3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3703D0AF-B84D-40C9-8336-CA16123CF508}" = rport=445 | protocol=6 | dir=out | app=system | 
"{43DC5AD3-1169-498E-BFE9-58FACBC3FD53}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{473CD5D7-3863-4865-8B20-8A505280BA7A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{50DF4002-3B2B-46FC-8207-1E8AE843F302}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{55C550D1-4D5B-475A-86AE-B2FBC8A43D6B}" = lport=24840 | protocol=6 | dir=in | name=bitcomet 24840 tcp | 
"{58A076BD-87F2-4D66-96DB-F28F971815AB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{58C498C9-DAC3-402D-A8F6-4DC1B6DBFAC9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5AC6DC71-CFC7-4AC9-92D8-A61C297AF108}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6F11105F-4313-4940-B861-7AA63D113B3E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{96070083-2328-43E1-B80D-A9AB13C5D856}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{AEC0B015-C453-4882-BF1A-D1C28EE1A539}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{AFE9BB0F-EF73-4C5F-B7AE-D4DFAFEC3733}" = lport=24840 | protocol=17 | dir=in | name=bitcomet 24840 udp | 
"{B384F014-95FB-47CD-917C-228B12EDD422}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C2AF3FA6-BE41-4720-AE49-88F963E0B7EF}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{C3F0E2DB-64AF-4BDA-B6AC-C2A311EBD8E3}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CB1A35B9-F84D-4574-A0B1-246C888D2B08}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{CE96D12C-9D45-4DA7-B4D9-91C1F8BF2FB9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D3ABEE67-614B-44AF-A357-AF49E4EABFE9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D510278D-DD06-47A9-AC97-612E2430DE20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DFF9D998-63FE-45A1-AE21-01E4380E0E83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E62C2D55-CA0C-440A-B841-1DEFAF926406}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F68D0D-FE49-4224-87C3-801A8A84DF56}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\kill_thrill733\counter-strike source\hl2.exe | 
"{05B6396A-F997-4E60-9557-F588FC2E7A35}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{0705F8D7-D8FE-41F9-88DF-3579C158D0A4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{07F4B2CC-6C63-4B3F-ACBF-96444A58B0A2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{092CA21D-F14E-47AE-A1A9-D39D3AEDFF9C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{0D3A032E-7262-4DE6-A43E-402648EB6146}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdpjswx.exe | 
"{0D8AEE10-96C2-498F-AEB7-7902F449EFB9}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{0E17DDC5-B0A5-48E2-A2B5-9EA616D0CF1B}" = protocol=6 | dir=in | app=e:\assassins creed brotherhood\assassinscreedbrotherhood.exe | 
"{0F7FB17B-1B5F-4A35-A5D2-95D1E24EBE98}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{15A6BA65-A8A7-476B-83FE-7D8910A395BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{253F3521-0A28-4842-B84A-97F0BEAE017E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdptime.exe | 
"{355248D3-6231-4BB5-90E4-B0B8C04C1022}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{3F84CD54-76B8-4E68-B807-D0EF642BFE6B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{40034F73-AEAC-4054-834D-7364E0C9ACC4}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdppswx.exe | 
"{46CF45AF-E6DE-447C-9B30-B8C77D86D1E8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\kill_thrill733\zombie panic! source\hl2.exe | 
"{491342E1-4B5B-45BB-AD69-D869D02C2B2B}" = protocol=17 | dir=in | app=e:\assassins creed brotherhood\assassinscreedbrotherhood.exe | 
"{4C06676B-2436-445B-9B14-82872CD4DBD4}" = protocol=6 | dir=in | app=e:\assassins creed brotherhood\acbsp.exe | 
"{4E639D2F-1873-4944-98E8-672BB6DD30CD}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{4F0D7AC6-A8B8-414E-B44D-FF463A2A02F2}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{51084EDE-2F3F-4602-8EBC-4E5966EF13C2}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{52F27F4D-1C26-4E5C-9D75-01C4ACDEDDDF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{5728A53A-BA92-442C-A09F-0F164C187F90}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii - public demo\launcher.exe | 
"{5A75CC01-17AA-4D0E-8A3E-56BB67D67FBA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii - public demo\launcher.exe | 
"{5D000235-4036-425E-9F37-5759E5E48319}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{5E7E631B-A8F7-4F6D-AF57-1E332FFF5F8E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{62CDA439-6134-430A-97F6-5B0EFD6E2FC4}" = protocol=17 | dir=in | app=c:\windows\system32\lxdpcoms.exe | 
"{646EE326-3810-40FF-AC68-67C5004BD4C6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{668E6084-8426-4B13-B069-6CA03492B283}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{6A613FD6-622B-49D3-9E61-5CF2BF6FA6B4}" = protocol=6 | dir=in | app=e:\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{6CC0DD16-E2CB-4B45-95BF-D9C152902ADB}" = protocol=6 | dir=in | app=c:\program files\eslwire\wire.exe | 
"{6D41BBC8-3313-46DE-AE4A-8441CFF5CF1E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{6E7DE5F0-14F5-4A59-BB02-4AD4F7958F77}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{701B35CA-D94C-4C92-8529-7FF1223EDA4E}" = protocol=6 | dir=in | app=e:\assassins creed brotherhood\acbmp.exe | 
"{76A0196E-1F52-49C4-8FDB-0175E90EE86F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{7BAD8B4B-2CB8-4585-B37E-CCA5DCDBA283}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{7C1A6D8F-66B8-4DFC-B457-17DD52EAF615}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\hudacs8\condition zero\hl.exe | 
"{7F40A20A-ECCF-4B08-AAE4-34BB517B06C5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{7FD742B3-CF4D-4B0A-A728-1813D2DBEAA4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{8037AFB3-875A-4059-8B4E-84B78823B6EC}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{86947F6E-F986-4794-94D7-5349E962D43F}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"{86AB5221-F056-4E52-9DC5-F94A59240ECC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{893159D4-0A9C-4D9B-9A3A-4BC595E3105A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{8AEC2F9D-C7C6-49BC-953F-68D6F0BCEBDE}" = protocol=17 | dir=in | app=c:\program files\lexmark z2300 series\lxdpmon.exe | 
"{91590610-429F-4DC1-BA45-01F9D96360F3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{964E4E81-63D5-40DA-AE95-64DED674E119}" = protocol=6 | dir=in | app=c:\windows\system32\lxdpcoms.exe | 
"{9880F677-ECFD-4FEA-A61C-F213F9959965}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"{9B9B79F0-B62E-43E0-8661-D9C9F2810710}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{A0A38C9D-550A-4BFB-8083-F9F0012F92E9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{A33B3BD8-457E-4B3F-B3FC-7FBD6B772537}" = protocol=17 | dir=in | app=e:\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{A4066840-DC5D-401E-8597-B1680155322E}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{A9F392D1-2DC1-4136-A565-7B8B9548C9E3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{ADF8BE6F-B0F2-44F9-83C6-8AA681937B79}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{B625A0E0-DEC8-459B-A43C-06C5E8BC729C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{C222D48B-D7FE-4CA8-9635-8688FF631E34}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{C2DFCA4E-03C3-4755-A2C0-DC0B0BB4B201}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{C64DE381-D71C-440E-B0DF-D73C88828A9E}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{CB45E558-95D1-4319-9781-A1359C5FF383}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\hudacs8\condition zero\hl.exe | 
"{CC7919EC-CDA8-4EB5-AA67-4DB9CA85E6E9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{CD6E6B7A-B11B-4927-8C66-C8943C142300}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdptime.exe | 
"{D1419BC8-C654-42C0-9B6A-2522FEDBBBC2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D5922E7B-D0BC-4FB1-B1EE-5CF6869C0B9D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D80C4913-C2EB-45BF-A35D-1055D5A42FFE}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{D8CFA560-F77D-47AD-91A6-9AC0322EB60B}" = protocol=17 | dir=in | app=e:\assassins creed brotherhood\uplaybrowser.exe | 
"{DCC1B138-B3E6-41C6-8C47-8E0E6F2C7617}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\kill_thrill733\zombie panic! source\hl2.exe | 
"{DDD72802-2BE4-43E5-8DD1-9940FBA6C1EA}" = protocol=6 | dir=in | app=e:\assassins creed brotherhood\uplaybrowser.exe | 
"{E1CBAB59-0776-42B2-8A29-232ED9CCCF9B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\kill_thrill733\counter-strike source\hl2.exe | 
"{E7BC0F42-8139-48E4-A226-EE254FD3E9F0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{E9BEF488-52C7-4AB4-94FF-58CB45187A54}" = protocol=17 | dir=in | app=c:\program files\eslwire\wire.exe | 
"{EF06220A-A0FB-47AE-BAC6-B9A2EC0E7752}" = protocol=17 | dir=in | app=e:\assassins creed brotherhood\acbsp.exe | 
"{F08D054A-A864-488C-B911-897AE5E1022C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdppswx.exe | 
"{F4C5AFD1-7198-40F0-8FE9-9B370179970A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdpjswx.exe | 
"{F4D407A1-5116-48A5-9338-AF8C1FE7D2A7}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{F58B4368-26DB-4397-A0E3-409D253DF7C7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F5E3270E-8524-4402-8482-CB46FA93141F}" = protocol=17 | dir=in | app=e:\assassins creed brotherhood\acbmp.exe | 
"{F75C38EB-926D-493A-B8C3-EC8C5CF30A5C}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{F7614567-AD59-4834-A841-71B9DA83C778}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FAE34F0F-4211-4E62-AF32-A93EFF0B123E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FC1AF62E-72B2-4074-B9BF-5BB7D776F38D}" = protocol=6 | dir=in | app=c:\program files\lexmark z2300 series\lxdpmon.exe | 
"TCP Query User{00BB5841-BB4B-4D83-B060-2B5D4DD57EC0}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{04DF311E-8D8E-4C05-B01A-0AF399C286AC}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{04F1ECCC-B447-423E-945C-639D985C625E}E:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe | 
"TCP Query User{2DF4B78F-3ABE-4102-A883-A1346D15342B}C:\users\winstead\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\winstead\appdata\roaming\gameranger\gameranger\gameranger.exe | 
"TCP Query User{39299E62-E009-4003-9010-9241FA9414EC}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{473FA156-4460-49F6-AC25-1CA276765C99}E:\mw2\call of duty modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=e:\mw2\call of duty modern warfare 2\iw4mp.dat | 
"TCP Query User{620B02CA-3B79-46F9-9623-5765986627C3}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{706F82CF-AE27-4196-8070-4B82FAA0AA95}D:\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=d:\utherverse vww client\utherverse.exe | 
"TCP Query User{71163DA9-9218-404D-9883-136D686DE9C6}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{7AC3C2DE-1CCD-4183-BA57-9D6F99E6B614}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{973A6876-75EF-4897-A778-45F1D1BEDFD9}D:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"TCP Query User{9D95E160-17FB-4016-806F-7320CEF30761}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | 
"TCP Query User{A3C92768-6955-4893-944C-E31A86133A23}E:\mw2\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=e:\mw2\call of duty modern warfare 2\iw4mp.exe | 
"TCP Query User{BE113D47-95BB-4BC6-9341-BE94ABF8E045}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{C5A93EE4-DF66-429D-8117-B85F41EDEA1A}D:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"TCP Query User{C9020531-0FEB-4417-AFD4-248E5BE07C0B}C:\program files\steam\steamapps\plettstreetkilla\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\plettstreetkilla\counter-strike source\hl2.exe | 
"TCP Query User{D404AA67-9764-44FC-9382-A9B2F8759C4B}E:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"TCP Query User{FC10D606-295E-4DFC-B7A5-6F6C47618AC3}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | 
"UDP Query User{02C110F6-2A02-496D-A279-E691B6047A15}E:\mw2\call of duty modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=e:\mw2\call of duty modern warfare 2\iw4mp.dat | 
"UDP Query User{14882F66-283F-43C8-9633-4508100F532F}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{1A07CC3C-DA43-47F9-B603-56B062BFEE4C}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{1B231770-CA6C-41C5-AF7A-0B189184C9EE}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{488D4AE5-1AEA-446E-B525-2CDB1FA7C5AE}E:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe | 
"UDP Query User{4E76B4EB-7D82-42CD-8836-CD119E1EFEB7}D:\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=d:\utherverse vww client\utherverse.exe | 
"UDP Query User{5C8870CC-3EDE-4964-914C-4D7B6FF33201}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{5E74609B-F539-492A-9763-D2D715C78D25}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | 
"UDP Query User{660F752A-B97E-4249-B1BA-C70C9F5B55D5}D:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"UDP Query User{66192A51-FC81-4F22-B59F-4D17383B062E}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{850FF7A3-7107-4617-BEEC-CD4A1C76E7B0}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | 
"UDP Query User{9EB5303A-ACA8-4627-AB0C-26CFB84E2356}D:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"UDP Query User{BC3B8B20-7481-47B1-A39B-8DC6BC2EB235}C:\program files\steam\steamapps\plettstreetkilla\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\plettstreetkilla\counter-strike source\hl2.exe | 
"UDP Query User{C63888DD-AC9D-448F-A0EB-8629CDAB8681}E:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | 
"UDP Query User{D89CDB8F-12C7-48FC-8916-38B8E15D622B}C:\users\winstead\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\winstead\appdata\roaming\gameranger\gameranger\gameranger.exe | 
"UDP Query User{E1C3605E-1E1D-4E99-B512-9B6FADAD99C9}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{E3ECCB73-5324-46B1-87A0-6246AD2997BF}E:\mw2\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=e:\mw2\call of duty modern warfare 2\iw4mp.exe | 
"UDP Query User{F0962A17-345E-4210-A4EC-2DFB6879ED1A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00DDD9E0-E95F-4470-8767-26B76164A315}" = LesefixPRO
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.11
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 2.6.0
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F59C3AE-81B0-4EF6-9762-D674BB079705}" = Nokia Software Updater
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05905B9-775A-4894-A4DF-B57C15250958}" = Razer Imperator
"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F722209B-739E-40E4-ADB1-062BD032A0DB}" = Personal ID
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client 2.4.2.0
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"AC3Filter_is1" = AC3Filter 1.63b
"Acer Acer Bio Protection 6.0.00.13" = Acer Bio Protection

AAA 6.0.00.13
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AnalogX AutoTune" = AnalogX AutoTune
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"Audiograbber" = Audiograbber 1.83 SE 
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitComet" = BitComet 1.27
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Collab" = Collab
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"Debut" = Debut Video Capture Software
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EADM" = EA Download Manager
"ESL Wire_is1" = ESL Wire 1.9.6
"eSpeak_is1" = eSpeak version 1.45.03
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Fraps" = Fraps
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"GridVista" = Acer GridVista
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"ICQToolbar" = ICQ Toolbar
"IL Download Manager" = IL Download Manager
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"IsoBuster_is1" = IsoBuster 2.8
"LameACM" = Lame ACM MP3 Codec
"Lexmark Z2300 Series" = Lexmark Z2300 Series
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 6.0.2 (x86 de)" = Mozilla Firefox 6.0.2 (x86 de)
"Mumble" = Mumble and Murmur
"NewBlue Art Blends" = NewBlue Art Blends
"NewBlue Art Effects" = NewBlue Art Effects
"NewBlue Motion Blends" = NewBlue Motion Blends
"NewBlue Motion Effects" = NewBlue Motion Effects
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019
"Nokia Ovi Suite" = Nokia Ovi Suite
"NSS" = Norton Security Scan
"PoiZone" = PoiZone
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Quick Screen Capture 3.0_is1" = Quick Screen Capture 3.0
"Quick Screen Recorder 1.5_is1" = Quick Screen Recorder 1.5
"Secret City" = Secret City
"SnagIt5" = SnagIt 5
"softonic" = Softonic toolbar  on IE and Chrome
"SplitCam" = SplitCam
"ST6UNST #1" = BEWERBUNGS-MASTER
"Steam App 17500" = Zombie Panic Source
"Steam App 240" = Counter-Strike: Source
"Steam App 80" = Counter-Strike: Condition Zero
"Super Mp3 Recorder Professional_is1" = Super Mp3 Recorder Professional v6.2
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Toxic Biohazard" = Toxic Biohazard
"Tunatic" = Tunatic
"TuneUp Utilities" = TuneUp Utilities
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Unlocker" = Unlocker 1.9.0
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VLC media player" = VLC media player 1.1.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.8.1
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"d6b51503b0cbcd0d" = Eternal-WoW! Launcher
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.5.3.0
"EA SPORTS Gameface Browser Plugin" = EA SPORTS Gameface Browser Plugin 1.3.1.0
"Facebook Plug-In" = Facebook Plug-In
"GameRanger" = GameRanger
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.06.2012 20:06:36 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.06.2012 20:07:04 | Computer Name = Deniz-Gamer-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 29.06.2012 08:25:02 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.06.2012 08:25:32 | Computer Name = Deniz-Gamer-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 29.06.2012 08:33:02 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.06.2012 08:39:19 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.06.2012 08:43:51 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.06.2012 08:44:38 | Computer Name = Deniz-Gamer-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 30.06.2012 14:00:56 | Computer Name = Deniz-Gamer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.06.2012 14:01:57 | Computer Name = Deniz-Gamer-PC | Source = EventSystem | ID = 4609
Description = 
 
[ Media Center Events ]
Error - 26.10.2009 22:46:32 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 27.10.2009 02:43:52 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 27.10.2009 03:05:12 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 27.10.2009 04:17:36 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:20:50 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:21:31 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:27:51 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:29:39 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:31:10 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
Error - 29.10.2009 10:35:47 | Computer Name = Deniz-Gamer-PC | Source = Media Center Guide | ID = 0
Description = 
 
[ System Events ]
Error - 30.06.2012 13:58:49 | Computer Name = Deniz-Gamer-PC | Source = Ntfs | ID = 262281
Description = Der Transaktionsressourcen-Manager auf Volume "D:" konnte aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 30.06.2012 14:00:23 | Computer Name = Deniz-Gamer-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 30.06.2012 14:00:56 | Computer Name = Deniz-Gamer-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 30.06.2012 14:00:56 | Computer Name = Deniz-Gamer-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 30.06.2012 14:01:09 | Computer Name = Deniz-Gamer-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 30.06.2012 14:01:50 | Computer Name = Deniz-Gamer-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 30.06.2012 14:01:57 | Computer Name = Deniz-Gamer-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 30.06.2012 14:01:58 | Computer Name = Deniz-Gamer-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 30.06.2012 14:01:59 | Computer Name = Deniz-Gamer-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 30.06.2012 14:01:59 | Computer Name = Deniz-Gamer-PC | Source = DCOM | ID = 10005
Description = 
 
[ TuneUp Events ]
Error - 28.06.2012 19:51:18 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 01:51:18', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamservice.exe','3932',0)
 
Error - 28.06.2012 19:56:27 | Computer Name = Deniz-Gamer-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 28.06.2012 19:56:36 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 01:56:36', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamgui.exe','4224',0)
 
Error - 28.06.2012 20:01:28 | Computer Name = Deniz-Gamer-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 28.06.2012 20:02:22 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 02:02:22', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamgui.exe','1732',0)
 
Error - 29.06.2012 08:33:11 | Computer Name = Deniz-Gamer-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 29.06.2012 08:33:22 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 14:33:22', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamgui.exe','4500',0)
 
Error - 29.06.2012 08:35:52 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 14:35:52', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamservice.exe','5408',0)
 
Error - 29.06.2012 08:39:33 | Computer Name = Deniz-Gamer-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 29.06.2012 08:39:44 | Computer Name = Deniz-Gamer-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-29 14:39:44', '\device\harddiskvolume2\program
 files\malwarebytes' anti-malware\mbamgui.exe','4412',0)
 
 
< End of report >
         
--- --- ---


Edit: Die genaue Fehlermeldung hab ich jetzt herausgefunden sie lautet

C:\Users\WINSTEAD\AppData\Local\Temp\wpbt0.dll

Geändert von deniznpl (30.06.2012 um 19:48 Uhr) Grund: Etwas hat gefehlt

Alt 02.07.2012, 20:15   #5
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



hi
öffne malwarebytes, logdateien poste bitte alle berichte.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.07.2012, 08:19   #6
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Da sind 13 Textdateien soll ich sie alle hier reinposten?

Alt 03.07.2012, 16:55   #7
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



kannst ja ein archiv erstellen und dieses anhängen, bzw nur die logs mit funden posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.07.2012, 18:41   #8
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Hab jetzt mal alle Logs durchgeguckt und hier sind die mit den Funden....

Alt 03.07.2012, 19:21   #9
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



C:\Users\WINSTEAD\DATEIENN\SonyVegasKeygen.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
die verwendung von keygens ist nicht legal, dies unterstützen wir nicht, da gibts nur hilfe beim formatieren und neu aufsetzen des pcs
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.07.2012, 19:27   #10
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Der Fehler kommt aber nicht wegen dieser Datei. Hab das schon länger aufm PC.

Alt 03.07.2012, 20:13   #11
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



ist unerheblich. hab dir ja die gründe genannt
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.07.2012, 14:25   #12
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Was meinst du damit? Du wirst mir nicht helfen weil ich ein illegales Programm aufm Lappy hab ?

Alt 04.07.2012, 14:27   #13
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



keygeaja, die software die du damit zur vollversion machen wolltest und die du dank des keygens nicht bezahlen musstest ist dadurch illegal erworben worden, dies ist strafbar und das unterstützen wir nicht.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.07.2012, 15:13   #14
deniznpl
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



Ja das streite ich ja auch nicht ab. Hatte den Keygen für Sony Vegas benutzt ein Videobearbeitungsprogramm. Asche über mein Haupt. Werdet ihr mir jetzt deswegen nicht helfen? Menschen machen nunmal Fehler keiner ist perfekt.

Alt 04.07.2012, 15:37   #15
markusg
/// Malware-holic
 
Computer hängt sich nach dem Start auf! - Standard

Computer hängt sich nach dem Start auf!



du kennst die foren regeln, hättest den thread über keygens lesen können, denn er ist oben angepinnt.
hast du nicht, und deswegen sind das die konsequenzen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Computer hängt sich nach dem Start auf!
.dll, abgesicherten, anti, computer, das angegebene modul wurde nicht gefunden, fake, fehler, gestartet, gvu virus, hinzufügen, hängt, hängt sich auf, klicke, klicken, komische, laden, leute, maus, modul, modus, natürlich, nicht mehr, nichts, programme, sekunden, start, virus, ähnliches



Ähnliche Themen: Computer hängt sich nach dem Start auf!


  1. Computer hängt sich beim ersten Start nach einiger Zeit auf
    Alles rund um Windows - 13.10.2015 (2)
  2. PC hängt sich auf - Windows Benachrichtigungsdienst start nicht
    Plagegeister aller Art und deren Bekämpfung - 11.08.2015 (56)
  3. Laptop hängt sich beim Start auf(Windows 7)
    Alles rund um Windows - 21.05.2014 (9)
  4. Nach Trojaner-Entfernung hängt PC beim Start bei cmd.exe
    Log-Analyse und Auswertung - 20.08.2013 (19)
  5. Nach Trojaner-Entfernung hängt PC beim Start bei cmd.exe
    Log-Analyse und Auswertung - 29.07.2013 (9)
  6. Nach Trojaner-Entfernung hängt PC beim Start in der cmd box
    Log-Analyse und Auswertung - 22.06.2013 (15)
  7. PC hängt nach Start immer ein paar Minuten oder länger
    Log-Analyse und Auswertung - 21.06.2013 (10)
  8. Nach Trojaner-Entfernung hängt PC beim Start bei cmd.exe
    Log-Analyse und Auswertung - 17.06.2013 (5)
  9. Computer hängt sich auf / bluescreen nach einer installtion und deinstalltion von bitdefender
    Plagegeister aller Art und deren Bekämpfung - 31.01.2013 (7)
  10. Computer hängt sich nach dem Start auf!
    Alles rund um Windows - 28.06.2012 (3)
  11. Computer hängt sich beim Start und bei Spielen auf
    Netzwerk und Hardware - 14.04.2010 (62)
  12. mein pc hängt sich nach dem start auf
    Alles rund um Windows - 16.12.2009 (1)
  13. Laptop hängt sich nach Start gleich wieder auf
    Alles rund um Windows - 16.06.2009 (0)
  14. Explorer hängt sich bei fast jedem Start auf
    Alles rund um Windows - 29.03.2008 (9)
  15. inetexplorer hängt sich nach start auf :(
    Log-Analyse und Auswertung - 16.12.2007 (8)
  16. Windows hängt sich kurz nach dem start auf...
    Alles rund um Windows - 29.09.2006 (3)
  17. System hängt nach Start, Log hängt an
    Log-Analyse und Auswertung - 07.04.2006 (2)

Zum Thema Computer hängt sich nach dem Start auf! - Hey Leute also ich hab vor 2 Tagen den GVU Virus bekommen. Wusste natürlich sofort, dass es ein Fake ist da ich so etwas ähnliches schon mal hatte. Ich hab - Computer hängt sich nach dem Start auf!...
Archiv
Du betrachtest: Computer hängt sich nach dem Start auf! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.