Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: ich habe den ICQ-Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.06.2010, 18:43   #1
Julia-G.
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



Hallo,
ich hab mir den Icq-virus eingefangen & ich weiß nicht wie ich ihn wieder losbekomme. kann mir jemand helfen?


mfg julia

Alt 10.06.2010, 22:20   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 11.06.2010, 15:43   #3
Julia-G.
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.06.2010 15:30:35 - Run 1
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Julia\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 5,62 Gb Free Space | 8,05% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 51,12 Gb Free Space | 73,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JULIA-HOME
Current User Name: Julia
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0 -- ()
"InternetSettingsDisableNotify" = 0 -- ()
"AutoUpdateDisableNotify" = 0 -- ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0 -- ()
"AntiSpywareOverride" = 0 -- ()
"FirewallOverride" = 0 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0 -- ()
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe -- File not found
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0602F28C-F203-4194-8BFB-C1AE0A8B4D44}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{07D93EF9-FA1D-48F3-A662-D0C551EC01E2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0BC3D5C4-80B3-47D3-B8E6-13A1B29BBEB2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{176354AC-0591-4F4F-AE39-315E7A038287}" = lport=138 | protocol=17 | dir=in | app=system | 
"{289B1FEB-9E48-41D0-B740-DD5F8247A4D7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2A636677-52A0-4F90-8FA2-6E1832520A4A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2F63B287-54A0-4B31-BC13-D488F91D804B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{36B1BBBC-3FA4-4C8E-B453-6B5B0493CE4E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{4B4BB51D-A51A-4DEB-9FF4-CAABCE8BCA6B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4EA19635-5532-4776-A66D-59C38DA86AAF}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6E780EA6-DC3D-4A8D-B7BE-16C2121BDAA8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{70A53153-0644-485C-AA75-3DB0CBC16EB2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7ACFF061-624A-4D99-9065-AB536965329D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{839F8DB1-DBB9-4EEB-90AC-B0590CF13463}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{887BA9DF-E115-4E8F-9C6F-ADB255415AE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8F37165A-369E-45D8-8320-0389766D896B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{926B7149-BDC8-4192-A8F6-6C38903CE067}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A2AB894F-2AE3-42A2-B88C-B206764CF702}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BF83B286-97E6-417F-BC63-79763941FEEC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C1C03671-8749-4691-9636-0DB1D245670F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{D4A9BEC3-E7E0-464F-9817-3C10272DA5A1}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00CF1D9C-62C9-4272-97A8-B22D7B90EC7F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{01A91341-1583-4993-999E-AA187F019139}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0E7404BC-82D3-44BA-97D0-C2C4F802073E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{1886FEA2-D083-4853-B24A-BDFEDC4551BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{20A87C19-4C7D-45EC-AA1D-A4BCACAFCBC5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{260B5341-1830-4B87-9ACD-4B40D6A75231}" = protocol=6 | dir=out | app=system | 
"{26122130-B5C0-440D-A7C7-F064D0C3FDAB}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{2BBBBA9E-A6EA-4028-8CDC-D8149F617319}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{2CF660F9-043D-4D44-AAA9-CC8BFFA73B08}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe | 
"{2FE687CD-69B4-4000-9C49-A375970046B5}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe | 
"{374A9A80-8424-4E97-BA38-80B8485E4FA0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{47B60C99-CD57-4D15-B032-32C2DEB185B2}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe | 
"{4A063829-9864-4250-90FB-D03B196307D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{56C75B83-630D-4A34-B229-C5A031B34093}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6E48BCEF-0A7C-4EAC-8F9D-8FFC7B2E8C9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{78738716-5FEE-4276-A892-53117EBE7A9F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{87BFA719-F2D7-43B6-BF2A-159AF1CF7283}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8A8FFA2B-2378-4B33-B107-74CFCECECE02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8E7A26BC-4E72-453F-A543-9AAFEC11D844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{95A42002-EC4B-4023-A653-D32B5A0831FF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{975AFC61-FE68-4CF6-A65A-564A9F5D9D35}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{9ABF3027-2CFA-4824-8121-28DDCF0AF8CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{9F8F4367-ED82-4C10-8E18-329FFEA0EDBA}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{A0E0D9ED-FDDA-449E-87CA-C4864C343C4F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{A81052FD-C9EE-4479-9457-4A27CF3C731F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A9A89D73-24CF-459E-8FC6-A7DEABB9B5D5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{AC1C30D1-9E32-418A-9020-946BEAE24E4B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{C953C160-D1E1-40F6-9B5F-63F435EDF951}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{C9A6E4AE-1C25-469A-883C-F31DAAA87F27}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D3B8284D-42DF-4B36-969D-54DF81218438}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D974DD32-2CFE-4153-AB63-A79ECD2BCDAE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{E0E15590-6A38-461F-BA54-930C47CD9B0C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E13DAC76-9080-488E-B14A-A09E8C7C96A0}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{E1CD9F7E-D5A5-4655-BB03-4FA1D04048A0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2061A89-8B2B-4C34-A0F5-85D6D996A2B4}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe | 
"{E76074DF-3EC7-4C1A-B3F6-FA04A497620D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F56A074B-A43B-4EAA-A4E1-28CD8197A223}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{FB05615A-3F6C-48B2-912A-FECB096B4D62}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe | 
"{FC35AC74-8D24-478F-A74F-18AFA8C771BB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"TCP Query User{5E470293-36AE-4C98-9BA9-348E2942B63C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{93E2721A-B0D3-4B28-9E6B-81D56BE98BD2}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"TCP Query User{A66E222B-C5CF-4B44-AB87-8573773D3E66}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe | 
"TCP Query User{AF8E29D3-A82F-4467-B046-05CD4A05E1EB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{93280175-E90C-41A0-A33B-EE3E1ED85C08}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe | 
"UDP Query User{A418CA4F-3206-4F66-8B08-A09545AF5CCE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{B6A2D2C2-B5B5-4519-B537-97E147B1BF70}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{BD64CF19-2498-429B-B560-4B05D9ECFC48}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06EA4395-0EB6-4CEB-88D3-4AA320F8F6EA}" = Zlango Pic-Talk Setup
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08021248-88B6-E67B-CFD0-7B2C690CF37F}" = Catalyst Control Center Localization Russian
"{0ABBC013-7CF3-FEAE-8851-A4A290DC3D93}" = Catalyst Control Center Localization Norwegian
"{0E290898-A92A-682B-84BC-791E4B51D39E}" = Catalyst Control Center Localization Finnish
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{196654EB-009F-6E50-7BAB-CE60C89AE403}" = ccc-core-static
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Device Driver
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A5050FE-B629-D35A-38F3-89B353477674}" = Catalyst Control Center Localization Spanish
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32D4851C-399A-4C02-A961-6A56178004B9}" = Hama Webcam Suite
"{34ED728D-ECE5-4A0D-9963-B54B318D0932}" = ccc-Branding
"{3838E2BF-91E8-730A-9C1C-4D73A9A08A91}" = Catalyst Control Center Graphics Light
"{3DB8A7B1-2EEB-56AF-A877-5742D2B18BEC}" = Catalyst Control Center Localization Dutch
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{429CEC54-6DE7-C63D-EB89-518AAB6F0E35}" = Catalyst Control Center Localization Korean
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D4C8490-9048-4E2C-AF1B-3866D6BC9EC8}" = WEB.DE Firefox Paket
"{4E55CE14-FC19-0D1F-E603-9CB92DBD9E7E}" = Catalyst Control Center Localization Italian
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5204EE13-A206-ED46-8AD6-5102491DE3B6}" = Catalyst Control Center Localization Portuguese
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54ADF8E0-E14A-6C4E-9D60-51637D6576BE}" = Catalyst Control Center Localization Czech
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Foto 2006 Standard Edition Editor
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62355C0D-A1AC-0C50-582A-83F08692D1A4}" = Catalyst Control Center Localization Danish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Foto 2006 Standard Edition Bibliothek
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A904BEA-D1B5-3077-E82D-239262DCE266}" = Catalyst Control Center Localization Thai
"{6CF2361C-E085-E644-9503-D2755C98D1B7}" = Catalyst Control Center Localization German
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A2E65F0-FCD3-50F7-CD3A-D17E01D9B22D}" = Catalyst Control Center Localization Japanese
"{7CD88B0E-CC14-20C4-AAD7-310883457848}" = ccc-utility
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{802E72D3-BAD8-44A6-B51C-7E911144A870}" = Hama WEBCAM E110
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8DAE66B9-3D2C-870A-AC1F-D98D56B2E48D}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90F1DDBF-0C56-44B0-A920-72CC90C51565}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B850277-4198-1D44-B7BD-CA8D4DCEE620}" = Catalyst Control Center Localization Polish
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{9FDBB8DB-753F-6482-DB5E-2B7DA5577053}" = Catalyst Control Center Localization Chinese Traditional
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEA296D6-0F45-5B8E-FA16-6D553D5E6149}" = Catalyst Control Center Core Implementation
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BFC7B8B9-37A3-F118-8929-8D6C0E52E9B2}" = Catalyst Control Center Localization Hungarian
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C28512D7-66A1-2EF6-94F3-6A458BD76419}" = Catalyst Control Center Localization Greek
"{C99B5FE7-A85C-77A6-64BD-644358B01A45}" = Catalyst Control Center Localization Turkish
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE28E6F5-4A03-4DED-B954-D0779B47FFBF}" = Works Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE992AB2-28A0-4A92-01B8-970606F7B2A4}" = Catalyst Control Center Localization French
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D8FC2439-A2CA-6EEC-523D-8470C7967533}" = Catalyst Control Center Localization Swedish
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}" = SweetIM for Messenger 2.7
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1249136-F629-460E-FC20-F5D4E3F7C180}" = ATI Catalyst Install Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.03
"ATI Uninstaller" = ATI Uninstaller
"Auto Movie Creator_is1" = Auto Movie Creator 3.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"cFosSpeed" = cFosSpeed v5.00
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQToolbar" = ICQ Toolbar
"ICQ-Tools_is1" = mehr ICQ Statussymbole
"Image Analyzer" = Image Analyzer
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"LManager" = Launch Manager
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PictureItPrem_v11" = Microsoft Foto 2006 Standard Edition
"PROR" = Microsoft Office Professional 2007-Testversion
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"WEB.DE Firefox Browser Update" = WEB.DE Firefox Browser Update
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Works2006Setup" = Setup-Start von Microsoft Works Suite 2006
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.06.2010 13:07:13 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 10.06.2010 13:07:14 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 10.06.2010 13:50:05 | Computer Name = Julia-Home | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 
 
Error - 10.06.2010 14:03:37 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 10.06.2010 14:12:35 | Computer Name = Julia-Home | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 0x45a
 
Error - 10.06.2010 14:21:30 | Computer Name = Julia-Home | Source = Web.de Update Service (AdminSVC) | ID = 100
Description = SetServiceStatus() failed error: '13'   Modul: adminsvcff     For more information,
 see Help and Support Service at hxxp://www.web.de    
 
Error - 10.06.2010 15:13:22 | Computer Name = Julia-Home | Source = Web.de Update Service (AdminSVC) | ID = 100
Description = SetServiceStatus() failed error: '13'   Modul: adminsvcff     For more information,
 see Help and Support Service at hxxp://www.web.de    
 
Error - 11.06.2010 03:23:54 | Computer Name = Julia-Home | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 0x45a
 
Error - 11.06.2010 06:07:42 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 11.06.2010 06:07:43 | Computer Name = Julia-Home | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
[ Media Center Events ]
Error - 18.04.2008 13:01:28 | Computer Name = Julia-Home | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
[ System Events ]
Error - 10.06.2010 14:11:58 | Computer Name = JULIA-HOME | Source = WinDefend | ID = 2004
Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt.
 Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.     Versuchte
 Signaturen: %%824     Fehlercode: 0x8050a001     Fehlerbeschreibung: Das Programm kann keine
 Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen. 
Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen
 Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie
 unter "Hilfe und Support".      Ladende Signaturen: %%825     Ladene Signaturversion: 1.83.1268.0

	Ladende
 Modulversion: 1.1.5802.0
 
Error - 10.06.2010 14:12:43 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.06.2010 14:21:27 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 10.06.2010 14:21:29 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 10.06.2010 14:21:31 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7016
Description = 
 
Error - 10.06.2010 15:13:20 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 10.06.2010 15:13:21 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 10.06.2010 15:13:22 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7016
Description = 
 
Error - 10.06.2010 16:52:22 | Computer Name = Julia-Home | Source = DCOM | ID = 10010
Description = 
 
Error - 11.06.2010 03:24:02 | Computer Name = Julia-Home | Source = Service Control Manager | ID = 7000
Description = 
 
[ TuneUp Events ]
Error - 31.05.2010 03:31:25 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 01.06.2010 10:01:34 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 02.06.2010 10:19:29 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.06.2010 09:44:35 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 09.06.2010 14:07:54 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 09.06.2010 15:10:22 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 10.06.2010 03:55:48 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 10.06.2010 12:08:42 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 10.06.2010 12:47:40 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 10.06.2010 14:12:44 | Computer Name = Julia-Home | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
--- --- ---
__________________

Alt 11.06.2010, 15:52   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



Was ist mit Malwarebytes?
__________________
"Ich habe viel Geld für Alkohol, Weiber und schnelle Autos ausgegeben. Den Rest hab’ ich einfach nur verprasst." - George Best

Warum Linux besser als Windows ist!


Das Trojaner-Board unterstützen

Alt 11.06.2010, 16:24   #5
Julia-G.
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



was meinst du?'


Alt 11.06.2010, 16:25   #6
Julia-G.
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.06.2010 15:30:35 - Run 1
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Julia\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 5,62 Gb Free Space | 8,05% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 51,12 Gb Free Space | 73,54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JULIA-HOME
Current User Name: Julia
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Julia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH)
PRC - C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\ALaunch\ALaunchSvc.exe ()
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\ProgramData\Web.de Firefox\adminsvcff.exe (hablamax)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Julia\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\eNetHook.dll (acer)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) --  File not found
SRV - (CLTNetCnService) --  File not found
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (cFosSpeedS) -- C:\Program Files\cFosSpeed\spd.exe (cFos Software GmbH)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (ALaunchService) -- C:\Acer\ALaunch\ALaunchSvc.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (AdminSVCff) -- C:\ProgramData\Web.de Firefox\adminsvcff.exe (hablamax)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (cFosSpeed) -- C:\Windows\System32\drivers\cfosspeed.sys (cFos Software GmbH)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (ESMCR) -- C:\Windows\System32\drivers\ESM7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (FiltUSBEMPIA) -- C:\Windows\System32\drivers\emFilter.sys (eMPIA Technology Inc.)
DRV - (DCamUSBEMPIA) -- C:\Windows\System32\drivers\emDevice.sys (eMPIA Technology, Inc.)
DRV - (ScanUSBEMPIA) -- C:\Windows\System32\drivers\emScan.sys (eMPIA Technology, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/skins7/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Suche Deutschland Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2303923&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?sourceid=navclient-ff"
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.17 14:50:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.06 16:42:45 | 000,000,000 | ---D | M]
 
[2010.04.13 13:48:29 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions
[2010.04.13 13:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.03.12 22:50:55 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.06.10 20:41:10 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions
[2009.09.06 13:44:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.17 14:56:59 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.06.10 20:20:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.09.23 21:07:51 | 000,000,000 | ---D | M] (Suche Deutschland Toolbar) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{937f343c-c9c2-4235-b544-7fc4da2f2594}
[2008.12.02 20:08:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.03.28 18:05:43 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\qgubp9o5.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.10.27 17:36:39 | 000,002,235 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\askcom.xml
[2009.06.03 12:14:08 | 000,000,896 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\conduit.xml
[2010.06.08 15:59:06 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-1.xml
[2009.03.28 15:34:55 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-10.xml
[2009.04.23 13:49:06 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-11.xml
[2009.04.29 19:07:01 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-12.xml
[2009.06.14 18:57:49 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-13.xml
[2009.07.23 15:57:35 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-14.xml
[2009.08.05 02:01:11 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-15.xml
[2009.11.07 00:02:06 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-16.xml
[2009.11.20 23:36:03 | 000,000,659 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-17.xml
[2010.01.06 17:31:51 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-18.xml
[2010.01.26 20:28:55 | 000,000,954 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-19.xml
[2008.07.04 23:09:31 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-2.xml
[2010.03.28 14:34:22 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-20.xml
[2010.03.30 15:20:04 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-21.xml
[2010.04.04 22:50:27 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-22.xml
[2010.04.17 14:57:04 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-23.xml
[2008.07.16 17:02:22 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-3.xml
[2008.09.27 20:00:30 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-4.xml
[2008.09.27 20:44:11 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-5.xml
[2008.11.16 21:24:20 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-6.xml
[2008.12.20 19:42:26 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-7.xml
[2009.02.07 09:23:39 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-8.xml
[2009.03.07 19:08:47 | 000,000,950 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin-9.xml
[2010.04.22 13:33:22 | 000,000,945 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\icqplugin.xml
[2009.03.28 18:05:27 | 000,003,915 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\FireFox\Profiles\qgubp9o5.default\searchplugins\sweetim.xml
[2010.05.06 16:43:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.26 18:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.08.07 19:52:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(11)
[2009.06.01 10:53:14 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010.05.06 16:43:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.06 16:42:17 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.03.17 17:36:11 | 000,000,569 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - No CLSID value found.
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (ZlangoBHO Class) - {C219F6EA-DE74-4E6C-A09F-4EC7DB9DA195} - C:\Programme\Zlango Pic-Talk\Zlango.dll (TODO: <Company name>)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {014DA6C9-189F-421A-88CD-07CFE51CFF10} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1006102113\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [cFosSpeed] C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zlango - {F70C2C8A-3CE0-4fd8-8BCA-FC70180CE226} - C:\Programme\Zlango Pic-Talk\ZlangoToolbar.dll (TODO: <Company name>)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13f1f7d0-3f8c-11de-bddb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13f1f7d0-3f8c-11de-bddb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{253b6d55-912a-11dd-b024-d2ae3017c9eb}\Shell - "" = AutoRun
O33 - MountPoints2\{253b6d55-912a-11dd-b024-d2ae3017c9eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{253b6d6a-912a-11dd-b024-d2ae3017c9eb}\Shell - "" = AutoRun
O33 - MountPoints2\{253b6d6a-912a-11dd-b024-d2ae3017c9eb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{73370b15-92bd-11dd-b949-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{73370b15-92bd-11dd-b949-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{bc8b86dc-01df-11de-bfda-001c265c852a}\Shell - "" = AutoRun
O33 - MountPoints2\{bc8b86dc-01df-11de-bfda-001c265c852a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{bc8b86e9-01df-11de-bfda-a48361ceb13e}\Shell - "" = AutoRun
O33 - MountPoints2\{bc8b86e9-01df-11de-bfda-a48361ceb13e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.10 18:32:03 | 000,000,000 | ---D | C] -- C:\Programme\F-Secure
[2010.06.10 18:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2010.06.10 18:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2010.06.09 20:28:10 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2007.05.20 00:03:06 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2007.05.19 15:34:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[5 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.11 15:36:04 | 003,932,160 | -HS- | M] () -- C:\Users\Julia\ntuser.dat
[2010.06.11 15:23:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.11 15:23:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.11 15:19:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.11 15:18:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.11 12:41:10 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.06.11 09:39:10 | 000,651,350 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.11 09:39:10 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.11 09:39:10 | 000,121,114 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.11 09:39:10 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.11 09:39:09 | 001,488,910 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.11 09:38:44 | 000,087,040 | ---- | M] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 09:23:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.11 09:23:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.11 09:22:54 | 2145,509,376 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.10 22:52:17 | 001,773,470 | -H-- | M] () -- C:\Users\Julia\AppData\Local\IconCache.db
[2010.06.10 22:35:11 | 000,019,968 | ---- | M] () -- C:\Users\Julia\Documents\gebliste.doc
[2010.06.10 22:35:10 | 000,015,718 | ---- | M] () -- C:\Users\Julia\AppData\Roaming\wklnhst.dat
[2010.06.10 22:13:07 | 000,002,623 | ---- | M] () -- C:\Users\Julia\Desktop\Microsoft Word.lnk
[2010.06.10 20:21:16 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.05.21 16:23:44 | 000,000,042 | -H-- | M] () -- C:\Users\Julia\Desktop\.picasa.ini
[5 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.10 22:16:50 | 000,019,968 | ---- | C] () -- C:\Users\Julia\Documents\gebliste.doc
[2010.06.10 20:21:16 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.05.21 16:23:44 | 000,000,042 | -H-- | C] () -- C:\Users\Julia\Desktop\.picasa.ini
[2010.04.20 14:31:02 | 000,000,736 | ---- | C] () -- C:\Windows\SamsungMaster.INI
[2009.09.18 16:21:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009.09.18 16:21:08 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2008.10.06 16:58:33 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008.06.17 20:41:41 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.06.17 20:41:41 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.06.17 20:41:41 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.06.17 20:41:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.06.17 20:41:40 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008.05.28 16:46:21 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.01.10 20:16:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.01.10 20:15:30 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.11.18 21:28:13 | 000,394,240 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2007.11.18 21:28:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.08.28 00:54:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.08.28 00:54:12 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007.05.20 02:52:39 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007.05.20 00:03:07 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.05.19 15:36:19 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007.05.19 15:34:47 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007.05.19 15:34:47 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007.05.19 15:34:24 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007.05.19 15:28:31 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2007.04.12 17:42:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007.04.12 17:41:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007.04.12 17:41:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007.04.12 17:40:04 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007.04.12 17:39:56 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007.04.12 17:39:48 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2007.02.06 02:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.12.25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 16 bytes -> C:\Users\Julia\Downloads:Shareaza.GUID
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
< End of report >
         
--- --- ---

Alt 13.06.2010, 14:18   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ich habe den ICQ-Virus - Standard

ich habe den ICQ-Virus



Was ist denn jetzt mit Malwarebytes? Nimm Dir doch einfach mal mehr Zeit zum Lesen der Postings und Anleitungen, das würde uns diese unnötige Nachfragerei ersparen!
__________________
"Ich habe viel Geld für Alkohol, Weiber und schnelle Autos ausgegeben. Den Rest hab’ ich einfach nur verprasst." - George Best

Warum Linux besser als Windows ist!


Das Trojaner-Board unterstützen

Antwort

Themen zu ich habe den ICQ-Virus
eingefangen, gefangen, gen, icq-virus, julia



Ähnliche Themen: ich habe den ICQ-Virus


  1. .scr Datei (Virus?) über Steam erhalten, habe ich jetzt einen Virus (oder Passwortscanner, etc.)?
    Log-Analyse und Auswertung - 09.06.2015 (3)
  2. Habe Oxy-Virus auf dem PC
    Plagegeister aller Art und deren Bekämpfung - 05.04.2014 (11)
  3. Ich habe 2 DllHost.exe Prozesse, Habe ich mir einen Virus eingefangen?
    Log-Analyse und Auswertung - 29.08.2013 (9)
  4. Ich habe den GVU Virus
    Plagegeister aller Art und deren Bekämpfung - 07.08.2013 (24)
  5. ich glaub ich habe einen virus(trojaner>JS/Exploit-Blacole.ht< unter anderen.) sorry habe im ersten thema so ziemlich alles falsch gemacht
    Mülltonne - 21.12.2012 (4)
  6. Ich habe mir den 50€ virus eingefangen (habe OTL.txt und Extra.txt
    Log-Analyse und Auswertung - 09.01.2012 (1)
  7. ich habe nen virus
    Log-Analyse und Auswertung - 25.01.2011 (3)
  8. Auch ich habe den ICQ-Virus...
    Plagegeister aller Art und deren Bekämpfung - 10.06.2010 (15)
  9. Habe ich einen Virus?? Bitte um Hilfe - Virus userinit.exe
    Log-Analyse und Auswertung - 20.04.2010 (8)
  10. Guten Morgen ich habe ein Gefühl ich habe nun einen Virus/Trojaner
    Log-Analyse und Auswertung - 23.12.2009 (1)
  11. Ich glaube ich habe ein Virus
    Log-Analyse und Auswertung - 24.06.2009 (1)
  12. Habe ich den nen Virus ??
    Antiviren-, Firewall- und andere Schutzprogramme - 11.04.2009 (7)
  13. Hilfe, habe Virus!! habe HiJachThis Log
    Mülltonne - 03.02.2009 (0)
  14. Habe ich ein Virus? etc.
    Log-Analyse und Auswertung - 12.01.2009 (0)
  15. Habe ich einen Virus?
    Log-Analyse und Auswertung - 18.04.2007 (2)
  16. habe ich nen virus?
    Plagegeister aller Art und deren Bekämpfung - 01.06.2005 (5)
  17. Hallo habe ein Problem weis nicht ob ich ein Virus habe
    Log-Analyse und Auswertung - 26.09.2004 (4)

Zum Thema ich habe den ICQ-Virus - Hallo, ich hab mir den Icq-virus eingefangen & ich weiß nicht wie ich ihn wieder losbekomme. kann mir jemand helfen? mfg julia - ich habe den ICQ-Virus...
Archiv
Du betrachtest: ich habe den ICQ-Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.