| |
| |||||||
Log-Analyse und Auswertung: Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen HackerseitenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
03.07.2010, 10:39
| #16 |
 |  Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Seppl21, dies Forum ist nicht dazu da Leute zu unterstützen die offensichtlich illegal Software nutzen wollen. Dieser Grundsatz hat nichts mit meinem Alter zu tun.  Und mein Niveau, lies meine Sig.  Du bist nicht ungewollt angegriffen worden, wer mit Cracks spielt, nimmt sowas einfach in Kauf, ist so. Wenn Du es anders siehst, mußt Du noch etwas lernen.
__________________ Es ist besser für das, was man ist, gehasst, als für das, was man nicht ist, geliebt zu werden. (Kettcar) |
|
03.07.2010, 10:56
| #17 | |
 | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen HackerseitenZitat:
Es ist richtig das ich ungewollt, aber fahrlässig angegriffen wurden bin und ich bin mir bewusst, deratige Angriffe im Kauf zu nehmen, deswegen "heule" ich aber nicht rum, wie du es so schön versuchst da zustellen. Ich bitte dich jetzt letztmalig den OT sein zulassen, sonst werde ich das einen Moderator melden. Wenn du mir gern durch dein Interpretationswinkel Dinge wie "heulen", "Hilfe suchen um illegale Software" zu nutzen unterstellen magst, dann kannst du das gern in einer privaten Nachricht tun. Da du seit 2001 hier angemeldet bist, sollte dir das nicht schwer fallen. lg Seppl P.S Auf weitere Anfeindungen oder Unterstellungen werde ich nicht mehr antworten, sondern nur noch melden lassen, damit sich ein Moderator darum kümmert. Geändert von Seppl21 (03.07.2010 um 11:06 Uhr) |
|
03.07.2010, 11:04
| #18 |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Du gibst zu Cracks benutzt zu haben, melde mich gerne dem Team weil ich es so feststelle.
__________________
__________________ |
|
03.07.2010, 11:12
| #19 | |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Nun endlich hier die gefoderten Logs: Zitat:
Code:
ATTFilter OTL logfile created on: 03.07.2010 12:09:07 - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Seppl\Downloads 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 70,00% Memory free 16,00 Gb Paging File | 13,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 68,36 Gb Total Space | 12,12 Gb Free Space | 17,72% Space Free | Partition Type: NTFS Drive D: | 195,21 Gb Total Space | 34,55 Gb Free Space | 17,70% Space Free | Partition Type: NTFS Drive E: | 202,04 Gb Total Space | 85,57 Gb Free Space | 42,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SEPPL-PC Current User Name: Seppl Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.07.03 09:28:18 | 000,139,264 | ---- | M] (Kaspersky Lab.) -- C:\Users\Seppl\AppData\Local\Temp\jkos-Seppl\binaries\ScanningProcess.exe PRC - [2010.07.02 21:00:29 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Seppl\Downloads\OTL.exe PRC - [2010.06.27 18:57:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Internet\Internet Programme\firefox.exe PRC - [2010.06.27 18:57:37 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Internet\Internet Programme\plugin-container.exe PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2010.04.12 17:29:28 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe PRC - [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\java.exe PRC - [2009.09.27 17:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2003.05.15 22:42:26 | 000,529,920 | ---- | M] (ASKEY) -- C:\Windows\SysWOW64\Atray.exe ========== Modules (SafeList) ========== MOD - [2010.07.02 21:00:29 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Seppl\Downloads\OTL.exe MOD - [2009.07.20 05:00:00 | 000,038,912 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\lgscroll.dll MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009.06.10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.06.29 19:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2009.11.15 17:30:19 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:64bit: - [2009.07.14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc) SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.03.30 18:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2009.12.30 00:59:29 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.15 17:30:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.11.09 11:02:42 | 001,053,848 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\ieconfig_1und1_svc.exe -- (serviceIEConfig) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009.09.27 17:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2009.07.14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2009.07.13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.10.25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.03.11 11:17:14 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2010.01.27 20:09:04 | 000,007,808 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusbf.sys -- (hidusbf) DRV:64bit: - [2010.01.21 03:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2010.01.21 03:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2010.01.21 03:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2009.12.20 15:37:36 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009.12.07 17:00:50 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2009.11.17 18:01:20 | 000,294,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.10.27 13:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem) DRV:64bit: - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2009.07.14 15:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:64bit: - [2009.07.08 01:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.06.19 18:07:44 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp) DRV:64bit: - [2009.06.17 10:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2009.06.17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2009.06.17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.08 12:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev) DRV:64bit: - [2009.05.04 18:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009.01.29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl) DRV:64bit: - [2008.11.04 04:20:56 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2008.06.27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2008.03.13 09:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam) DRV:64bit: - [2008.02.09 21:16:52 | 000,005,152 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcafix.sys -- (wcafix) DRV:64bit: - [2007.05.09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:64bit: - [2007.05.09 22:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV:64bit: - [2007.05.09 22:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64) DRV - [2010.02.17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2010.02.17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009.11.07 20:13:32 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC) DRV - [2009.06.10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2009.06.10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs) DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google search IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google search [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 24 01 D2 DF 5F CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/home" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.0.8 FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.5 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.97 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.511.0\firefox\extensions FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.29 14:34:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: D:\Internet Programme\components FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: D:\Internet Programme\plugins FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: D:\Internet\Internet Programme\components [2010.06.29 14:33:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: D:\Internet\Internet Programme\plugins [2010.07.01 19:42:30 | 000,000,000 | ---D | M] [2009.11.07 21:37:52 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Extensions [2010.07.02 23:28:01 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions [2010.06.26 10:30:37 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.11.08 20:35:24 | 000,000,000 | ---D | M] (TorrentBar) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{7b821b0e-b102-4f9b-b6e3-433ede1fe379} [2010.06.17 13:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.05.15 09:13:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009.11.08 20:35:25 | 000,000,000 | ---D | M] () -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{a7101e54-830c-4d33-a3ed-bedc17ec44da} [2010.04.16 08:39:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.08 17:03:45 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8} [2009.11.08 20:35:25 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.03.06 18:23:11 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\locationbar2@design-noir.de [2010.06.27 09:17:04 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-1.xml [2009.09.11 10:44:03 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-10.xml [2009.10.13 12:02:28 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-11.xml [2009.10.13 12:13:24 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-12.xml [2009.10.13 12:13:48 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-13.xml [2009.10.13 12:21:50 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-14.xml [2009.10.21 21:39:22 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-15.xml [2010.06.27 18:57:42 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-16.xml [2009.03.30 17:01:06 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-2.xml [2009.05.05 17:23:41 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-3.xml [2009.06.01 14:08:56 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-4.xml [2009.06.02 00:01:36 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-5.xml [2009.06.08 18:59:31 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-6.xml [2009.07.06 16:07:41 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-7.xml [2009.07.23 22:43:52 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-8.xml [2009.08.05 15:45:19 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-9.xml [2010.06.17 13:48:39 | 000,000,168 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.gif [2010.06.17 13:48:39 | 000,000,618 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.src [2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.xml O1 HOSTS File: ([2010.07.02 17:31:03 | 000,411,522 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 007guard.com - 007guard and Windows Vista O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123haustiereundmehr.com O1 - Hosts: 14217 more lines... O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\SysWOW64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH) O3 - HKLM\..\Toolbar: (no name) - {542e4d79-1970-4e95-9862-fdb96f61b280} - No CLSID value found. O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {542E4D79-1970-4E95-9862-FDB96F61B280} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Microsoft Updat] C:\Program Files\Internet Explorer\services.exe File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [atray] atray.exe (ASKEY) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe File not found O4 - HKLM..\Run: [RestartNeroSetup] C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe File not found O4 - HKCU..\Run: [\\GOLDBACH\EPSON Stylus DX5000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBVE.EXE File not found O4 - HKCU..\Run: [1&1 EasyLogin] D:\Internet Programme\1&1 EasyLogin\EasyLogin.exe File not found O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe File not found O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programme\Nützliche Tools\daemon tool\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBVE.EXE File not found O4 - HKCU..\Run: [ICQ] D:\Internet\Internet Programme\ICQ6.5\ICQ.exe File not found O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\Internet Programme\Spybot - Search & Destroy\TeaTimer.exe File not found O4 - HKCU..\Run: [Steam] e:\steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Users\Seppl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1&1 EasyLogin.lnk = D:\Internet\Internet Programme\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.2 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\LIVESSP.DLL (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\LIVESSP.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.02 23:32:27 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Roaming\SUPERAntiSpyware.com [2010.07.02 23:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.07.02 23:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE [2010.07.02 23:32:24 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2010.07.02 23:22:54 | 000,000,000 | ---D | C] -- C:\_OTL [2010.07.02 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Roaming\Malwarebytes [2010.07.02 20:44:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.07.02 20:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.02 20:44:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.07.02 20:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.07.02 17:36:53 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8 [2010.06.29 15:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.06.29 14:37:07 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Documents\Downloads [2010.06.29 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish [2010.06.29 14:34:09 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Real [2010.06.29 14:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real [2010.06.29 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Roaming\Real [2010.06.29 14:33:18 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Google [2010.06.29 14:33:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010.06.29 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Apps [2010.06.29 14:08:17 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Deployment [2010.06.29 14:08:10 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Personalausweis [2010.06.24 02:28:13 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2010.06.24 02:28:13 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2010.06.24 02:28:13 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2010.06.24 02:28:13 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2010.06.24 02:28:13 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2010.06.24 02:28:13 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2010.06.24 02:28:13 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2010.06.24 02:28:13 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2010.06.24 02:03:27 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2010.06.24 02:03:23 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010.06.24 02:03:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010.06.24 02:03:22 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010.06.24 02:03:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010.06.24 02:03:22 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2010.06.24 02:03:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010.06.24 02:03:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2010.06.23 11:57:30 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Fakecam [2010.06.17 13:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar [2010.06.17 13:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2010.06.17 13:45:56 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\AOL [2010.06.17 13:45:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2010.06.14 17:21:33 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Screens [2010.06.13 01:21:22 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Documents\FIFA 10 [2010.06.09 17:14:57 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.06.09 17:14:57 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.06.09 17:14:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.06.09 17:14:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll ========== Files - Modified Within 30 Days ========== [2010.07.03 12:11:01 | 010,485,760 | -HS- | M] () -- C:\Users\Seppl\NTUSER.DAT [2010.07.03 09:28:48 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.03 09:28:48 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.03 09:21:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.03 09:21:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.03 09:21:10 | 2146,099,199 | -HS- | M] () -- C:\hiberfil.sys [2010.07.03 01:37:31 | 003,024,234 | -H-- | M] () -- C:\Users\Seppl\AppData\Local\IconCache.db [2010.07.02 23:32:25 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.07.02 20:44:34 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.02 17:31:03 | 000,411,522 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.07.01 19:42:30 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.06.29 14:56:29 | 000,408,679 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100702-173103.backup [2010.06.29 14:41:42 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.06.29 14:34:00 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\Free Games & Music.lnk [2010.06.29 14:34:00 | 000,001,271 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.06.29 14:33:58 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2010.06.29 14:33:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2010.06.29 14:33:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2010.06.29 14:33:47 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.06.29 14:33:47 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2010.06.27 19:08:38 | 000,016,384 | ---- | M] () -- C:\Users\Seppl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.26 02:15:58 | 001,522,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.06.26 02:15:58 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.06.26 02:15:58 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.06.26 02:15:58 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.06.26 02:15:58 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.06.20 17:17:17 | 001,245,744 | ---- | M] () -- C:\Users\Seppl\Desktop\IMG_0020.JPG [2010.06.19 20:30:58 | 001,341,830 | ---- | M] () -- C:\Users\Seppl\Desktop\Sample Pictures2.jpg [2010.06.19 20:30:42 | 001,618,145 | ---- | M] () -- C:\Users\Seppl\Desktop\Sample Pictures6.jpg [2010.06.19 20:30:23 | 000,050,348 | ---- | M] () -- C:\Users\Seppl\Desktop\kiss.jpg [2010.06.17 13:48:52 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.06.15 14:13:38 | 000,007,603 | ---- | M] () -- C:\Users\Seppl\AppData\Local\Resmon.ResmonCfg [2010.06.09 22:18:50 | 003,017,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.06.03 14:26:29 | 000,353,245 | ---- | M] () -- C:\Users\Seppl\Desktop\Pic4846.jpg ========== Files Created - No Company Name ========== [2010.07.02 23:32:25 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.07.02 20:44:34 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.29 14:41:42 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.06.29 14:34:00 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\Free Games & Music.lnk [2010.06.29 14:34:00 | 000,001,271 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.06.20 17:16:53 | 001,245,744 | ---- | C] () -- C:\Users\Seppl\Desktop\IMG_0020.JPG [2010.06.19 20:30:30 | 001,341,830 | ---- | C] () -- C:\Users\Seppl\Desktop\Sample Pictures2.jpg [2010.06.19 20:30:21 | 000,050,348 | ---- | C] () -- C:\Users\Seppl\Desktop\kiss.jpg [2010.06.19 20:30:09 | 001,618,145 | ---- | C] () -- C:\Users\Seppl\Desktop\Sample Pictures6.jpg [2010.06.17 13:48:52 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.06.13 00:05:11 | 000,149,254 | ---- | C] () -- C:\Users\Seppl\Desktop\Melly453.jpg [2010.06.13 00:05:07 | 000,169,356 | ---- | C] () -- C:\Users\Seppl\Desktop\mel270100000.jpg [2010.06.03 14:26:21 | 000,353,245 | ---- | C] () -- C:\Users\Seppl\Desktop\Pic4846.jpg [2010.04.13 22:41:37 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2010.03.03 02:00:00 | 004,555,278 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2010.03.03 02:00:00 | 001,449,935 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll [2010.03.03 02:00:00 | 000,882,688 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.03.03 02:00:00 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll [2010.03.03 02:00:00 | 000,556,491 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll [2010.03.03 02:00:00 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2010.03.03 02:00:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2010.03.03 02:00:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll [2010.03.03 02:00:00 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2010.03.03 02:00:00 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2010.03.03 02:00:00 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2010.03.03 02:00:00 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2010.03.03 02:00:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2010.03.03 02:00:00 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll [2010.03.03 02:00:00 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2010.03.03 02:00:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2010.03.03 02:00:00 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.02.06 12:51:15 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.12.30 15:35:33 | 000,000,082 | ---- | C] () -- C:\Windows\VSWizard.ini [2009.11.14 20:37:08 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2009.11.14 20:33:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2009.11.14 20:11:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2009.11.14 20:11:42 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2009.11.14 20:11:42 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2009.11.14 20:11:40 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2009.11.14 20:11:40 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2009.11.14 20:11:38 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2009.11.14 20:11:32 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2009.11.14 20:11:32 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2009.11.07 20:28:34 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2009.11.07 20:28:34 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.08.16 12:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.07 18:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.01.11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll [2009.01.05 14:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini [2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI < End of report > [QUOTE=Extras.txt]OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.07.2010 12:09:07 - Run 3
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Seppl\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 70,00% Memory free
16,00 Gb Paging File | 13,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,36 Gb Total Space | 12,12 Gb Free Space | 17,72% Space Free | Partition Type: NTFS
Drive D: | 195,21 Gb Total Space | 34,55 Gb Free Space | 17,70% Space Free | Partition Type: NTFS
Drive E: | 202,04 Gb Total Space | 85,57 Gb Free Space | 42,35% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SEPPL-PC
Current User Name: Seppl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D11240-5C27-4FEF-855E-57AF99C1A538}" = Motorola Driver Installation 4.2.0
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Win7x64 Components_is1" = Win7x64 Components v1.2.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A67911E-8EB5-4F9A-8D8E-1C4CC590B914}" = Motorola Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{75C9CA43-7677-4F89-A971-1104A94DF0F2}" = CSE Demoplayer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A06714C-F24B-4144-9BA2-788B5DD4F270}_is1" = ICQ Ignore Checker 1.3
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CFFCE4FD-0066-4FF4-ACDE-607ED6683841}" = WLAN Card
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life(R) 2
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"1&1 EasyLogin" = 1&1 EasyLogin
"1STFREE_is1" = 1st Free Solitaire 1.7.1
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CPU-Control_is1" = CPU-Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free FLV Converter_is1" = Free FLV Converter V 6.7.5
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FrostWire" = FrostWire 4.20.3
"ICQToolbar" = ICQ Toolbar
"InstallShield_{CFFCE4FD-0066-4FF4-ACDE-607ED6683841}" = WLAN Card
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Standard
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROR" = Microsoft Office Professional 2007-Testversion
"RealPlayer 12.0" = RealPlayer
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 410" = Portal: The First Slice
"TeamViewer 5" = TeamViewer 5
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.5.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 23.06.2010 05:21:27 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 23.06.2010 05:21:59 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Internet\internet
programme\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"d:\Internet\internet programme\spybot - search & destroy\DelZip179.dll" in Zeile
8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 26.06.2010 08:52:26 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm xBBrowser.exe, Version 2.0.0.20 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 914 Startzeit:
01cb152e542fedc7 Endzeit: 0 Anwendungspfad: D:\Programme\Nützliche Tools\XB Browser\XeroBank\xBBrowser.exe
Berichts-ID:
Error - 27.06.2010 18:26:12 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 14.0.8089.726,
Zeitstempel: 0x4a6ce533 Name des fehlerhaften Moduls: PresenceIM.dll, Version: 14.0.8089.726,
Zeitstempel: 0x4a6ce51e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000104a9 ID des fehlerhaften
Prozesses: 0x1770 Startzeit der fehlerhaften Anwendung: 0x01cb1647bf925025 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Windows Live\Messenger\PresenceIM.dll
Berichtskennung:
fd9b15c8-823a-11df-a068-4061862e2a88
Error - 29.06.2010 08:33:23 | Computer Name = Seppl-PC | Source = MsiInstaller | ID = 11704
Description =
Error - 29.06.2010 08:36:18 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3828,
Zeitstempel: 0x4c25a474 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
Zeitstempel: 0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022262 ID des fehlerhaften
Prozesses: 0x1818 Startzeit der fehlerhaften Anwendung: 0x01cb17874a8f2411 Pfad der
fehlerhaften Anwendung: D:\Internet\Internet Programme\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: e9aa52c9-837a-11df-8969-4061862e2a88
Error - 29.06.2010 10:14:28 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: EFLC.exe, Version: 1.1.1.0, Zeitstempel:
0x4bb19157 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000264 Fehleroffset: 0x000a1c92 ID des fehlerhaften Prozesses:
0x560 Startzeit der fehlerhaften Anwendung: 0x01cb17910a638725 Pfad der fehlerhaften
Anwendung: E:\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe Pfad des
fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: a097c04c-8388-11df-8969-4061862e2a88
Error - 29.06.2010 10:14:53 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm EFLC.exe, Version 1.1.1.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 560 Startzeit:
01cb17910a638725 Endzeit: 591 Anwendungspfad: E:\Grand Theft Auto IV - Episodes From
Liberty City\EFLC.exe Berichts-ID:
Error - 02.07.2010 03:48:00 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm services.exe, Version 1.3.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 810 Startzeit:
01cb19ba71e929e5 Endzeit: 0 Anwendungspfad: C:\Program Files\Internet Explorer\services.exe
Berichts-ID:
c680e1d7-85ad-11df-8b76-4061862e2a88
Error - 02.07.2010 19:26:09 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
[ System Events ]
Error - 03.05.2010 18:30:10 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 04.05.2010 04:05:56 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 04.05.2010 20:15:07 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 05.05.2010 02:24:29 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 05.05.2010 03:26:43 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 05.05.2010 04:41:11 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 05.05.2010 19:55:04 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 06.05.2010 04:41:38 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 06.05.2010 07:38:07 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TeamViewer 5" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 06.05.2010 07:38:11 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
< End of report >
|
|
03.07.2010, 20:28
| #20 |
| /// Selecta Jahrusso  | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Noch Probleme?
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
03.07.2010, 21:28
| #21 |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Ich hatte nie ein Problem bis ich die Mail im Postfach hatte... Kannst du mir eventuell aufschlüsseln anhand welcher Trojaner etc. die Person an die Daten gelangt ist? Wie sicher siehst du mich nun hingegend zu neuen Angriffen dieser Art? Kann ich nun wie gewohnt wieder die Passwörter eingeben? lg Seppl |
|
04.07.2010, 09:17
| #22 | |
| /// Selecta Jahrusso | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten btw, Zitat:
Und wenn Du im Forum Hilfe suchst, würde ich nicht blöd rummaulen. Schon gar nicht an Personen die schon über 1000 Beiträge rüber sind. Tatsache ist, dass Ich wegen dem einen Fund auch den Support einstellen könnte. Da aber nur der eine Scan es als Adware findet, drücke ich ein Auge zu. Sollte ich nochmals sowas lesen, werde ich mein Auge wieder aufmachen! Wie die Person an deine Daten gelangt ist, ist schwierig. Pishing Fishing, Backdoor, dafür gibt es viele Wege die ich jetzt nicht aufzählen werde. 100% Garantie kann ich nicht geben das ich alles gefunden habe. Die gibt es nur bei Format C: Schritt 1 Teatimer abstellen Mit laufendem TeaTimer von Spybot Search&Destroy lässt sich keine Reinigung durchführen, da er alle gelöschten Einträge wiederherstellt. Der Teatimer muss also während der Reinigungsarbeiten abgestellt werden (lasse den Teatimer so lange ausgeschaltet, bis wir mit der Reinigung fertig sind): Starte Spybot S&D => stelle im Menü "Modus" den "Erweiterten Modus" ein => klicke dann links unten auf "Werkzeuge" => klicke auf "Resident" => das Häkchen entfernen bei Resident "TeaTimer" (Schutz aller Systemeinstellungen) => Spybot Search&Destroy schließen => Rechner neu starten. Bebilderte Anleitung. Schritt 2 Peer to peer oder filesharing software Deine Logfile(s) zeigen mir das Du sogenannte Peer to Peer oder Filesharing Programme verwendest ( Bei Dir Vuze ). Diese Programme erlauben es Dir, Daten mit anderen Usern auszutauschen. Heutzutage bekommt Cyber Crime einen immer höher werdenden Status und die Ausmaße sind enorm. Leider ist auch p2p oder Filesharing davon nicht ausgenommen. Es dient auch dazu, infizierte Dateien zu verbreiten und ist auch ein Grund warum sich Malware so schnell verbreitet. Es ist also möglich, dass Du Dir eine Infizierte Datei herunter ladest. Du kannst niemals wissen, woher diese stammen. Daher sollte diese Art Software mit äusserster Vorsicht benutzt werden. Ein ebenfalls wichtiger Punkt ist, dass das verbreiten von Media und Entertainment Dateien in den meisten Ländern der Welt gegen Copyright Rechte verstößt. Du setzt Dich also selbst dem Risiko einer Anklage durch Orginastionen ( oder dem Author der "Datei" selbst ) die diese Rechte überwachen Natürlich gibt es auch einen legalen Weg zur Nutzung dieses Service. Zum Beispiel zum Downloaden von Linux oder Open Office. Denoch würde ich Dich ersuchen, diese Art von Software nicht weiterhin zu verwenden. Bitte gehe zu Start --> Systemsteuerung --> Software und deinstalliere (falls vorhanden) Vuze Bitte sag bescheid wenn Du eines der gelisteten Software nicht finden kannst. Deinstalliere ebenfalls SuperAntiSpyware Schritt 3
Code:
ATTFilter :OTL
O3 - HKLM\..\Toolbar: (no name) - {542e4d79-1970-4e95-9862-fdb96f61b280} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {542E4D79-1970-4E95-9862-FDB96F61B280} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Microsoft Updat] C:\Program Files\Internet Explorer\services.exe File not found
:reg
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoActiveDesktop"=Dword:00000000
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoActiveDesktopChanges"=Dword:00000000
:services
:files
:Commands
[purity]
[emptytemp]
[resethosts]
[reboot]
Schritt 4 Starte bitte OTL.exe. Wähle unter Extra Registrierung: Benutze Safe List und klicke auf den Scan Button. Bitte poste in Deiner nächsten Antwort OTLFixLog OTL.txt Extras.txt
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.07.2010, 10:24
| #23 | |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten huhu danke das du weiterhin supportest Ich wusste nicht das das hier mit berücksichtigt wird. Nun du meintest ich soll Vuze aufgrund rechtlicher Verfolgung und Virengefahr einstellen... Ich brauche aber diese Art von Netzwerk, da ich mir dort viele brauchbare Datein besorgt habe. Mir wäre es aber lieber und das habe ich nun auch durch diesen Angriff verstanden, wenn ich anonymer sein könnte. Ich hörte das es da eine Möglichkeit mit Tor gibt? Gibt es eventuell ein Netzwerk, indem man nicht gezwungen wird, Daten zu verteilen? Denn soweit ich weiß, steht ausschließlich das im deutschen Recht unter Strafe. Hier nun die gefoderten Logs: Zitat:
OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.07.2010 11:13:04 - Run 4 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Seppl\Downloads 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 68,36 Gb Total Space | 12,36 Gb Free Space | 18,08% Space Free | Partition Type: NTFS Drive D: | 195,21 Gb Total Space | 34,55 Gb Free Space | 17,70% Space Free | Partition Type: NTFS Drive E: | 202,04 Gb Total Space | 85,57 Gb Free Space | 42,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SEPPL-PC Current User Name: Seppl Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.07.02 21:00:29 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Seppl\Downloads\OTL.exe PRC - [2010.06.27 18:57:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Internet\Internet Programme\firefox.exe PRC - [2010.06.27 18:57:37 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Internet\Internet Programme\plugin-container.exe PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2010.04.12 17:29:28 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe PRC - [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\java.exe PRC - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2009.11.09 11:02:42 | 001,053,848 | ---- | M] () -- C:\Windows\SysWOW64\ieconfig_1und1_svc.exe PRC - [2009.09.30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe PRC - [2009.09.27 17:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009.07.26 17:44:14 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2009.03.02 14:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2003.05.15 22:42:26 | 000,529,920 | ---- | M] (ASKEY) -- C:\Windows\SysWOW64\Atray.exe ========== Modules (SafeList) ========== MOD - [2010.07.02 21:00:29 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Seppl\Downloads\OTL.exe MOD - [2009.07.20 05:00:00 | 000,038,912 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\lgscroll.dll MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009.06.10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.11.15 17:30:19 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:64bit: - [2009.07.14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc) SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.03.30 18:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2009.12.30 00:59:29 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009.11.15 17:30:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.11.09 11:02:42 | 001,053,848 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ieconfig_1und1_svc.exe -- (serviceIEConfig) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009.09.27 17:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2009.07.14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2009.07.13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.10.25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.03.11 11:17:14 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2010.01.27 20:09:04 | 000,007,808 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusbf.sys -- (hidusbf) DRV:64bit: - [2010.01.21 03:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2010.01.21 03:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2010.01.21 03:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2009.12.20 15:37:36 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009.12.07 17:00:50 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2009.11.17 18:01:20 | 000,294,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.10.27 13:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem) DRV:64bit: - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2009.07.14 15:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:64bit: - [2009.07.08 01:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.06.19 18:07:44 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp) DRV:64bit: - [2009.06.17 10:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2009.06.17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2009.06.17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.08 12:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev) DRV:64bit: - [2009.05.04 18:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009.01.29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl) DRV:64bit: - [2008.11.04 04:20:56 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2008.06.27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2008.03.13 09:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam) DRV:64bit: - [2008.02.09 21:16:52 | 000,005,152 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcafix.sys -- (wcafix) DRV:64bit: - [2007.05.09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:64bit: - [2007.05.09 22:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV:64bit: - [2007.05.09 22:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64) DRV - [2009.11.07 20:13:32 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC) DRV - [2009.06.10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2009.06.10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs) DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google search IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google search [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 24 01 D2 DF 5F CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/home" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.0.8 FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.5 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.97 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.511.0\firefox\extensions FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.29 14:34:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: D:\Internet Programme\components FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: D:\Internet Programme\plugins FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: D:\Internet\Internet Programme\components [2010.06.29 14:33:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: D:\Internet\Internet Programme\plugins [2010.07.01 19:42:30 | 000,000,000 | ---D | M] [2009.11.07 21:37:52 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Extensions [2010.07.03 21:37:38 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions [2010.06.26 10:30:37 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.11.08 20:35:24 | 000,000,000 | ---D | M] (TorrentBar) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{7b821b0e-b102-4f9b-b6e3-433ede1fe379} [2010.06.17 13:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.05.15 09:13:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009.11.08 20:35:25 | 000,000,000 | ---D | M] () -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{a7101e54-830c-4d33-a3ed-bedc17ec44da} [2010.04.16 08:39:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.08 17:03:45 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8} [2009.11.08 20:35:25 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.03.06 18:23:11 | 000,000,000 | ---D | M] -- C:\Users\Seppl\AppData\Roaming\mozilla\Firefox\Profiles\aoyg1g3i.default\extensions\locationbar2@design-noir.de [2010.06.27 09:17:04 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-1.xml [2009.09.11 10:44:03 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-10.xml [2009.10.13 12:02:28 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-11.xml [2009.10.13 12:13:24 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-12.xml [2009.10.13 12:13:48 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-13.xml [2009.10.13 12:21:50 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-14.xml [2009.10.21 21:39:22 | 000,000,961 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-15.xml [2010.06.27 18:57:42 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-16.xml [2009.03.30 17:01:06 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-2.xml [2009.05.05 17:23:41 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-3.xml [2009.06.01 14:08:56 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-4.xml [2009.06.02 00:01:36 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-5.xml [2009.06.08 18:59:31 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-6.xml [2009.07.06 16:07:41 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-7.xml [2009.07.23 22:43:52 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-8.xml [2009.08.05 15:45:19 | 000,000,950 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin-9.xml [2010.06.17 13:48:39 | 000,000,168 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.gif [2010.06.17 13:48:39 | 000,000,618 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.src [2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Seppl\AppData\Roaming\Mozilla\FireFox\Profiles\aoyg1g3i.default\searchplugins\icqplugin.xml O1 HOSTS File: ([2010.07.04 11:09:24 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\SysWOW64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Microsoft Updat] C:\Program Files\Internet Explorer\services.exe File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [atray] atray.exe (ASKEY) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe File not found O4 - HKLM..\Run: [RestartNeroSetup] C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe File not found O4 - HKCU..\Run: [\\GOLDBACH\EPSON Stylus DX5000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBVE.EXE File not found O4 - HKCU..\Run: [1&1 EasyLogin] D:\Internet Programme\1&1 EasyLogin\EasyLogin.exe File not found O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe File not found O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programme\Nützliche Tools\daemon tool\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBVE.EXE File not found O4 - HKCU..\Run: [ICQ] D:\Internet\Internet Programme\ICQ6.5\ICQ.exe File not found O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [Steam] e:\steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Seppl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1&1 EasyLogin.lnk = D:\Internet\Internet Programme\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.2 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\LIVESSP.DLL (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\LIVESSP.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.02 23:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.07.02 23:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE [2010.07.02 23:22:54 | 000,000,000 | ---D | C] -- C:\_OTL [2010.07.02 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Roaming\Malwarebytes [2010.07.02 20:44:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.07.02 20:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.02 20:44:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.07.02 20:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.07.02 17:36:53 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8 [2010.06.29 15:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.06.29 14:37:07 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Documents\Downloads [2010.06.29 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish [2010.06.29 14:34:09 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Real [2010.06.29 14:33:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2010.06.29 14:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real [2010.06.29 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Roaming\Real [2010.06.29 14:33:18 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Google [2010.06.29 14:33:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010.06.29 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Apps [2010.06.29 14:08:17 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\Deployment [2010.06.29 14:08:10 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Personalausweis [2010.06.24 02:28:13 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2010.06.24 02:28:13 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2010.06.24 02:28:13 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2010.06.24 02:28:13 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2010.06.24 02:28:13 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2010.06.24 02:28:13 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2010.06.24 02:28:13 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2010.06.24 02:28:13 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2010.06.24 02:03:27 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2010.06.24 02:03:23 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010.06.24 02:03:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010.06.24 02:03:22 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010.06.24 02:03:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010.06.24 02:03:22 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2010.06.24 02:03:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010.06.24 02:03:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2010.06.23 11:57:30 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Fakecam [2010.06.17 13:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar [2010.06.17 13:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2010.06.17 13:45:56 | 000,000,000 | ---D | C] -- C:\Users\Seppl\AppData\Local\AOL [2010.06.17 13:45:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2010.06.14 17:21:33 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Desktop\Screens [2010.06.13 01:21:22 | 000,000,000 | ---D | C] -- C:\Users\Seppl\Documents\FIFA 10 [2010.06.09 17:14:57 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.06.09 17:14:57 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.06.09 17:14:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.06.09 17:14:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll ========== Files - Modified Within 30 Days ========== [2010.07.04 11:11:52 | 010,485,760 | -HS- | M] () -- C:\Users\Seppl\NTUSER.DAT [2010.07.04 11:10:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.04 11:10:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.04 11:10:11 | 2146,099,199 | -HS- | M] () -- C:\hiberfil.sys [2010.07.04 11:09:31 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.04 11:09:30 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.04 11:09:28 | 003,118,059 | -H-- | M] () -- C:\Users\Seppl\AppData\Local\IconCache.db [2010.07.04 11:09:24 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2010.07.02 20:44:34 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.01 19:42:30 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.06.29 14:56:29 | 000,408,679 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100702-173103.backup [2010.06.29 14:41:42 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.06.29 14:34:00 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\Free Games & Music.lnk [2010.06.29 14:34:00 | 000,001,271 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.06.29 14:33:58 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2010.06.29 14:33:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2010.06.29 14:33:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2010.06.29 14:33:47 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.06.29 14:33:47 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2010.06.27 19:08:38 | 000,016,384 | ---- | M] () -- C:\Users\Seppl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.26 02:15:58 | 001,522,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.06.26 02:15:58 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.06.26 02:15:58 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.06.26 02:15:58 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.06.26 02:15:58 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.06.20 17:17:17 | 001,245,744 | ---- | M] () -- C:\Users\Seppl\Desktop\IMG_0020.JPG [2010.06.19 20:30:58 | 001,341,830 | ---- | M] () -- C:\Users\Seppl\Desktop\Sample Pictures2.jpg [2010.06.19 20:30:42 | 001,618,145 | ---- | M] () -- C:\Users\Seppl\Desktop\Sample Pictures6.jpg [2010.06.19 20:30:23 | 000,050,348 | ---- | M] () -- C:\Users\Seppl\Desktop\kiss.jpg [2010.06.17 13:48:52 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.06.15 14:13:38 | 000,007,603 | ---- | M] () -- C:\Users\Seppl\AppData\Local\Resmon.ResmonCfg [2010.06.09 22:18:50 | 003,017,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2010.07.02 20:44:34 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.29 14:41:42 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.06.29 14:34:00 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\Free Games & Music.lnk [2010.06.29 14:34:00 | 000,001,271 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.06.20 17:16:53 | 001,245,744 | ---- | C] () -- C:\Users\Seppl\Desktop\IMG_0020.JPG [2010.06.19 20:30:30 | 001,341,830 | ---- | C] () -- C:\Users\Seppl\Desktop\Sample Pictures2.jpg [2010.06.19 20:30:21 | 000,050,348 | ---- | C] () -- C:\Users\Seppl\Desktop\kiss.jpg [2010.06.19 20:30:09 | 001,618,145 | ---- | C] () -- C:\Users\Seppl\Desktop\Sample Pictures6.jpg [2010.06.17 13:48:52 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.06.13 00:05:11 | 000,149,254 | ---- | C] () -- C:\Users\Seppl\Desktop\Melly453.jpg [2010.06.13 00:05:07 | 000,169,356 | ---- | C] () -- C:\Users\Seppl\Desktop\mel270100000.jpg [2010.04.13 22:41:37 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2010.03.03 02:00:00 | 004,555,278 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2010.03.03 02:00:00 | 001,449,935 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll [2010.03.03 02:00:00 | 000,882,688 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.03.03 02:00:00 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll [2010.03.03 02:00:00 | 000,556,491 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll [2010.03.03 02:00:00 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2010.03.03 02:00:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2010.03.03 02:00:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll [2010.03.03 02:00:00 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2010.03.03 02:00:00 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2010.03.03 02:00:00 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2010.03.03 02:00:00 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2010.03.03 02:00:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2010.03.03 02:00:00 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll [2010.03.03 02:00:00 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2010.03.03 02:00:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2010.03.03 02:00:00 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.02.06 12:51:15 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.12.30 15:35:33 | 000,000,082 | ---- | C] () -- C:\Windows\VSWizard.ini [2009.11.14 20:37:08 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2009.11.14 20:33:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2009.11.14 20:11:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2009.11.14 20:11:42 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2009.11.14 20:11:42 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2009.11.14 20:11:40 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2009.11.14 20:11:40 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2009.11.14 20:11:38 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2009.11.14 20:11:32 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2009.11.14 20:11:32 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2009.11.07 20:28:34 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2009.11.07 20:28:34 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.08.16 12:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.07 18:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.01.11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll [2009.01.05 14:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini [2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI < End of report > |
|
04.07.2010, 10:25
| #24 |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Hier der Extras.txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.07.2010 11:13:04 - Run 4
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Seppl\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,36 Gb Total Space | 12,36 Gb Free Space | 18,08% Space Free | Partition Type: NTFS
Drive D: | 195,21 Gb Total Space | 34,55 Gb Free Space | 17,70% Space Free | Partition Type: NTFS
Drive E: | 202,04 Gb Total Space | 85,57 Gb Free Space | 42,35% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SEPPL-PC
Current User Name: Seppl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Internet\Internet Programme\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Internet\Internet Programme\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "D:\Programme\Ausführende Programme - Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D11240-5C27-4FEF-855E-57AF99C1A538}" = Motorola Driver Installation 4.2.0
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Win7x64 Components_is1" = Win7x64 Components v1.2.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A67911E-8EB5-4F9A-8D8E-1C4CC590B914}" = Motorola Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{75C9CA43-7677-4F89-A971-1104A94DF0F2}" = CSE Demoplayer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A06714C-F24B-4144-9BA2-788B5DD4F270}_is1" = ICQ Ignore Checker 1.3
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CFFCE4FD-0066-4FF4-ACDE-607ED6683841}" = WLAN Card
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life(R) 2
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"1&1 EasyLogin" = 1&1 EasyLogin
"1STFREE_is1" = 1st Free Solitaire 1.7.1
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CPU-Control_is1" = CPU-Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free FLV Converter_is1" = Free FLV Converter V 6.7.5
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FrostWire" = FrostWire 4.20.3
"ICQToolbar" = ICQ Toolbar
"InstallShield_{CFFCE4FD-0066-4FF4-ACDE-607ED6683841}" = WLAN Card
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Standard
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROR" = Microsoft Office Professional 2007-Testversion
"RealPlayer 12.0" = RealPlayer
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 410" = Portal: The First Slice
"TeamViewer 5" = TeamViewer 5
"VLC media player" = VLC media player 1.0.5
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.5.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 23.06.2010 05:21:27 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 23.06.2010 05:21:59 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Internet\internet
programme\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"d:\Internet\internet programme\spybot - search & destroy\DelZip179.dll" in Zeile
8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 26.06.2010 08:52:26 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm xBBrowser.exe, Version 2.0.0.20 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 914 Startzeit:
01cb152e542fedc7 Endzeit: 0 Anwendungspfad: D:\Programme\Nützliche Tools\XB Browser\XeroBank\xBBrowser.exe
Berichts-ID:
Error - 27.06.2010 18:26:12 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 14.0.8089.726,
Zeitstempel: 0x4a6ce533 Name des fehlerhaften Moduls: PresenceIM.dll, Version: 14.0.8089.726,
Zeitstempel: 0x4a6ce51e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000104a9 ID des fehlerhaften
Prozesses: 0x1770 Startzeit der fehlerhaften Anwendung: 0x01cb1647bf925025 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Windows Live\Messenger\PresenceIM.dll
Berichtskennung:
fd9b15c8-823a-11df-a068-4061862e2a88
Error - 29.06.2010 08:33:23 | Computer Name = Seppl-PC | Source = MsiInstaller | ID = 11704
Description =
Error - 29.06.2010 08:36:18 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3828,
Zeitstempel: 0x4c25a474 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
Zeitstempel: 0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022262 ID des fehlerhaften
Prozesses: 0x1818 Startzeit der fehlerhaften Anwendung: 0x01cb17874a8f2411 Pfad der
fehlerhaften Anwendung: D:\Internet\Internet Programme\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: e9aa52c9-837a-11df-8969-4061862e2a88
Error - 29.06.2010 10:14:28 | Computer Name = Seppl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: EFLC.exe, Version: 1.1.1.0, Zeitstempel:
0x4bb19157 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000264 Fehleroffset: 0x000a1c92 ID des fehlerhaften Prozesses:
0x560 Startzeit der fehlerhaften Anwendung: 0x01cb17910a638725 Pfad der fehlerhaften
Anwendung: E:\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe Pfad des
fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: a097c04c-8388-11df-8969-4061862e2a88
Error - 29.06.2010 10:14:53 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm EFLC.exe, Version 1.1.1.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 560 Startzeit:
01cb17910a638725 Endzeit: 591 Anwendungspfad: E:\Grand Theft Auto IV - Episodes From
Liberty City\EFLC.exe Berichts-ID:
Error - 02.07.2010 03:48:00 | Computer Name = Seppl-PC | Source = Application Hang | ID = 1002
Description = Programm services.exe, Version 1.3.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 810 Startzeit:
01cb19ba71e929e5 Endzeit: 0 Anwendungspfad: C:\Program Files\Internet Explorer\services.exe
Berichts-ID:
c680e1d7-85ad-11df-8b76-4061862e2a88
Error - 02.07.2010 19:26:09 | Computer Name = Seppl-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
[ System Events ]
Error - 03.05.2010 18:30:10 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 04.05.2010 04:05:56 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 04.05.2010 20:15:07 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 05.05.2010 02:24:29 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 05.05.2010 03:26:43 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 05.05.2010 04:41:11 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 05.05.2010 19:55:04 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
Status gemeldet: 32
Error - 06.05.2010 04:41:38 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Cursor Acceleration Fix" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 06.05.2010 07:38:07 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TeamViewer 5" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 06.05.2010 07:38:11 | Computer Name = Seppl-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
< End of report >
|
|
04.07.2010, 10:36
| #25 |
| /// Selecta Jahrusso | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Vuze ist noch vorhanden. Ebenfalls Frostwire (p2p Cleint). Ist deine Entscheidung. Deinstalliere bitte Vuze_Remote Toolbar Logfile ist sauber  Hier noch die letzten paar Schritte zur Säuberung Deines Rechners. Schritt 1 Tool CleanUp Starte bitte die OTL.exe. Klicke nun auf den Bereinigung Button. Dies wird die meisten Tools und Logfiles entfernen. Sollte denoch etwas bestehen bleiben, bitte manuell entfernen sowie den Papierkorb leeren. Schritt 2 Automatische Updates Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten. Windows + R Taste drücken. Kopiere nun folgenden Text in die Kommandozeile RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl und klicke auf OK. Stelle sicher das die automatischen Updates aktiviert sind. Schritt 3 Um Dich für die Zukunft vor weiteren Infizierungen zu schützen empfehle ich Dir noch ein paar Programme.
Schritt 4 Tipps für sicheres Surfen Das sind meine Vorschläge. Verwende einen alternativen Browser statt den IE. Ich empfehle Mozilla Firefox. Für Firefox gibt es verschiedenste AddOns um sicher durch das WWW zu kommen.
Don'ts
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.07.2010, 11:56
| #26 |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Wow danke für die zahlreichen Tipps. Ich bin für sowas sehr denkbar, denn ich war vorkurzem noch selbst Admin, in einen deutschsprachigen Chat und dort kam es oft vor, das Nicks entwendet wurden. Bereits schon da hat das APT = Anti Phishing Team Aufklärung geleistet, doch auf solche Kleinigkeiten ging niemand ein. Ich habe die Vuze_Remote Toolbar erfolgreich entfernt, die anderen zwei p2p Clients entferne ich erst dann, wenn ich bessere gefunden habe. Leider konntest du mir zwecks Rechtssicherheit und Anonymität keine Hilfestellung bieten (Wie wäre es denn mit rapidshare?). Aber ich kann mich dazu ja nochmal im Netz schlau machen. Windows habe ich immer auf dem neusten Stand und automatische Updates sind bei mir an der Tagesordnung. Was sagst du eigentlich zu den Vorwürfen, Windows würde durch diverse Updates und Programme, die bspw. Fehlermeldung zurück zur Zentrale schicken, Nutzerverhalten analysieren oder anderweitige Daten schicken, die Datenschutzrechtlich relevant wären? -lach- hättest du mir gesagt das bei dem Button Bereinigung das ganze Tool entfernt werden würde und ein Neustart zur Folge hätte, hätte ich mich drauf einstellen können gg. Da der spywareblaster nur in der kommerziellen Version automatische updates bietet und der Hintergrundwächter nur bei Spybot Search and Destroy + den Teatimer läuft , wäre es da ratsam, dass weiterhin laufen zu lassen oder ist das Programm nur deshalb so oft von Zeitschriten angepriesen wurden, da es sich gut verkauft? Denn soweit ich weiß sollte man keine Antivirenprogramme gleichzeitig laufen lassen und ich denke das gilt auch bei Antispywareprogrammen. Schade das du die Zusammenfassung von dem - MVPs hosts file - nur in englisch gefunden hast, denn ich war in Englisch schon immer schlecht. Dieses TUT da, besteht aber ausschließlich nur aus englisch. Wäre dir sehr dankbar wenn du da eine gute Übersetzung finden, anbieten oder anderweite Erklärung auf deutsch mir vorlegen könntest. Tipp 4 hatte ich bereits als Admin bei mir konfiguriert, da mal etliche Admins durch Java/Javascript, schon beim betreten einer Phinshingseite ihr PW ungewollt weitergegeben haben. Da aktive Elemente eigenständig agieren, ist das natürlich eine hohe Sicherheitsgefahr. Nun ich hätte noch eine Frage zu dem Speichern von PW in Firefox. Als Regel gilt ja, das man diese nicht speichern soll. Was ist denn, wenn ich ein Masterpasswort festgelegt hätte, hätte dann der Erpresser trotzdem an alle PW gelangen können oder nur dann wenn ich sie selbst eingebe? lg Marco P.S derzeit bin ich in ein Chat durch ein Häckchen im Kästchen, mit einen festen Passwort belegt, welches nun natürlich nicht mehr stimmt und automatisch generiert wird. Wie schaffe ich das PW zu löschen, sodass es nicht mehr generiert wurde? Im Chat konnte man mir bis jetzt da noch nicht helfen. Wenn das Häckchen im Kästchen entfernt wird, wird es denoch beim neuladen der Seite generiert.. Geändert von Seppl21 (04.07.2010 um 12:16 Uhr) |
|
04.07.2010, 12:20
| #27 | |||||||||
| /// Selecta Jahrusso | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Sorry, die Frage hab ich übersehen. Zitat:
 Zitat:
Ich halte von Tor etc nichts. Ich hab nur gelesen das es die Geschwindigkeit von Netz erheblich einschränkt. Persönlich hab ich keine Erfahrung damit. Zitat:
Zitat:
Ich (und viele andere) persönlich empfehlen Spybot nicht, erkennungsrate ist schlecht, entfernen vom Gefunden schon bei 0%. Und der TeaTimer nervt. Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.07.2010, 12:51
| #28 | ||||
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen HackerseitenZitat:
Und, warum sollte ein Proxyserver, da wo meinetwegen die Spur endet, den Strafverfolgungsbehörden/gar Hackern entsprechende Auskunft geben, wenn dieser z. B im Ausland steht? Zitat:
Zitat:
Dazu habe ich auch folgendes gefunden: Zitat:
BTW: Noch einmal rechtvielen Dank für den kompetenten und schnellen Support, denn mein PC ist jetzt nicht nur sauber, sondern auch (merkbar) schneller und sicherer- Danke lg Seppl |
|
04.07.2010, 12:59
| #29 | |||||
| /// Selecta Jahrusso | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen HackerseitenZitat:
Zitat:
Zitat:
 Zitat:
Zitat:
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.07.2010, 13:11
| #30 |
| | Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten Ich bin eben dabei das mit dem MVP Host File einzustellen und habe da nun die Intstruktionen für das OS Windows 7 auf Hier gefunden. Nur leider stößt auch hier mein Englisch an seine Grenzen, weshalb ich dich auch hier um Hilfe bitte. Hast du eventuell ein Instantmessenger, indem wir uns dessen annehmen können? Natürlich nur wenn du willst. lg Seppl P.S Ich darf kein Link einfügen... ist eine Unterseite von der Seite die du mir gegeben hast. |
|
| Themen zu Drohung Veröffentlichung von Daten, Accounts und Passwörter auf einschlägigen Hackerseiten |
| adobe, antivir, antivir guard, avg, avira, bho, desktop, dsl, excel, explorer, hijackthis, icq, internet, internet explorer, local\temp, microsoft, nvidia, object, personen, plug-in, programdata, programme, scan, server, skype.exe, software, suche, syswow64, temp, web.de, windows, windows internet, windows internet explorer, wmp |
Textbox.
.
Linear-Darstellung
