
Log analysis and evaluation: Trojan program Exploit.Java.Agent.bb etc

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.08.2010, 20:44   #1
Hicke
 
Trojan program Exploit.Java.Agent.bb etc



Hello, unfortunately I have Trojans on an acquaintance's computer that urgently need to be disposed of; the problem is that I am a layman:

Here is the line from Kaspersky Anti Virus:

25.08.2010 21:30:47 Gefunden trojanisches Programm Exploit.Java.Agent.be
c:\users\asus\anwendungsdaten\tuneup software\tuneup utilities\backups\00000021.rcb

25.08.2010 21:30:47 Gefunden trojanisches Programm Exploit.Java.Agent.be

c:\users\asus\anwendungsdaten\tuneup software\tuneup utilities\backups\00000021.rcb

25.08.2010 00:16:27 Infiziert trojanisches Programm Packed.Win32.Krap.ar
C:\Users\Asus\AppData\Roaming\Heicbe\opzew.exe


How can I delete this? Please help.

25.08.2010, 21:03   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

A cleanup can sometimes involve a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If there are problems, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Read the instructions through completely first. If anything is unclear, ask before you begin.
  • Post the log files directly in your thread. Do not attach them unless I ask you to, because that makes the evaluation harder for me.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working along until someone from the team tells you that you are clean.

Vista and Win7 users
Start all tools with right-click "Run as administrator".



Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes must be updated manually before every scan!

After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it on your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

25.08.2010, 21:24   #3
Hicke
 



Thank you very much for your help, malware is running over the computer right now and is taking a while.

Wow, the program checks take forever. I will let it run through tonight and post tomorrow; I have to go to work very early tomorrow.

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4478

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18882

26.08.2010 18:14:28
mbam-log-2010-08-26 (18-14-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 262140
Laufzeit: 2 Stunde(n), 59 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26.08.2010 18:33:43 - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Asus\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 6,92 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Drive D: | 49,06 Gb Total Space | 36,42 Gb Free Space | 74,24% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ASUS-PC
Current User Name: Asus
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Asus\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Google\Update\1.2.183.27\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
PRC - C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\StkCSrv.exe (Syntek America Inc.)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Asus\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (StkSSrv) -- C:\Windows\System32\StkCSrv.exe (Syntek America Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (ipswuio) -- C:\Windows\System32\DRIVERS\ipswuio.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (pavboot) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SIVDRIVER) -- C:\Windows\System32\drivers\SIVX32.sys (Ray Hinchliffe)
DRV - (WCPU) -- C:\Program Files\P4G\WCPU.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (StkCMini) -- C:\Windows\System32\drivers\StkCMini.sys (Syntek)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (MIINPazX) -- C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
DRV - (MTOnlPktAlyX) -- C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (k750mdfl) -- C:\Windows\System32\drivers\k750mdfl.sys (MCCI)
DRV - (k750mdm) -- C:\Windows\System32\drivers\k750mdm.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dailymotion - Online Videos, Musik und Filme. Schau dir gleich die Videos an!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Scroogle Scraper
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.2.1
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com?o=15015&l=dis"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.4.4.118
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.30
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=184A4C6C-CC3F-4CFE-9488-78D483844C68&apn_ptnrs=U9&apn_sauid=7886F2F4-9FD9-4828-B529-C565E83992E8&apn_dtid=&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.09.12 09:23:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.24 21:25:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.19 20:44:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010.08.24 23:29:34 | 000,000,000 | ---D | M]
 
[2009.10.12 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions
[2010.08.25 21:43:29 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions
[2010.08.11 21:40:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.11 21:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.11 21:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}-trash
[2010.08.10 11:29:41 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\toolbar@ask.com
[2010.08.25 21:33:32 | 000,002,385 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\Mozilla\FireFox\Profiles\id7gz4la.default\searchplugins\askcom.xml
[2010.08.25 21:43:29 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.08.24 23:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.08.19 20:44:25 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.08.19 20:44:25 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.08.19 20:44:25 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.08.18 11:58:27 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2010.08.19 20:44:25 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.08.19 20:44:25 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [ToADiMon.exe] C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: tfguxxawqkggqamzerpsTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: xmihsndpubondhlclybtTaskMgr = 0
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1239646001457&h=866862cb450b898fe00bc7775d0b2ba9/&filename=jinstall-6u13-windows-i586-jc.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Landschaft.JPG
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Landschaft.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{34a5b1e8-0fc7-11de-97dc-0018dec42d8b}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe -- File not found
O33 - MountPoints2\{fa8b216e-0f11-11de-aa13-0018dec42d8b}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: dfrgconv - (C:\Windows\system32\bitsraid.dll) - C:\Windows\System32\bitsraid.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.25 20:52:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.08.25 20:52:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.08.25 20:52:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.08.24 23:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010.08.24 23:27:55 | 000,495,192 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.24 22:14:05 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010.08.24 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.08.24 20:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.08.24 20:35:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2010.08.18 10:23:07 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\diverse Fotos
[2010.08.16 20:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.16 20:08:40 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.08.16 20:06:18 | 001,704,744 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Asus\Desktop\SkypeSetup.exe
[2010.08.12 19:40:36 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.08.12 19:40:36 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.08.12 19:40:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.08.12 19:40:36 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.08.12 19:40:35 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.08.12 19:40:35 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.08.12 19:40:35 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.08.12 19:40:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.08.12 19:40:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.08.12 19:40:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.08.12 19:40:12 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.08.12 19:40:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.08.12 19:39:16 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010.08.12 19:39:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.08.12 19:39:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010.08.12 19:39:15 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.08.12 19:39:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.08.12 19:38:17 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.08.12 19:38:12 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.08.11 22:14:40 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\WindowsUpdate
[2010.08.11 19:10:42 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010.08.11 19:10:40 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010.08.11 19:10:38 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010.08.11 19:10:38 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010.08.11 19:10:37 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010.08.11 19:10:33 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010.08.11 18:50:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010.08.11 18:50:25 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010.08.11 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Malwarebytes
[2010.08.11 18:14:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.11 18:14:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.11 18:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.11 18:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.11 05:58:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.08.11 05:56:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.08.11 05:55:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.08.11 00:31:11 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.08.11 00:31:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010.08.11 00:31:10 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.08.11 00:31:00 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.08.11 00:31:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.08.11 00:30:59 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.08.11 00:30:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.08.11 00:30:42 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.08.11 00:30:42 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.08.11 00:30:19 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.11 00:30:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.11 00:30:18 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.11 00:30:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.11 00:30:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.11 00:30:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.11 00:30:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.11 00:30:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.11 00:30:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.11 00:30:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.11 00:30:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.11 00:30:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.11 00:30:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.11 00:30:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.11 00:29:06 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.08.11 00:29:05 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.08.11 00:29:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.08.11 00:29:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.08.11 00:29:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.08.11 00:29:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.08.11 00:29:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010.08.11 00:29:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.08.11 00:29:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.08.11 00:24:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.08.11 00:21:50 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010.08.11 00:21:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010.08.11 00:21:09 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.08.11 00:20:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.08.11 00:20:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.08.11 00:20:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.08.11 00:20:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.08.11 00:20:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.08.11 00:20:36 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.11 00:20:36 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.11 00:20:20 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.08.11 00:20:04 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.11 00:19:43 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.08.11 00:19:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010.08.11 00:19:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010.08.11 00:19:13 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.08.11 00:19:13 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.08.11 00:19:13 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.08.11 00:19:13 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010.08.11 00:19:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.08.11 00:19:01 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.08.11 00:19:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.11 00:19:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.08.11 00:19:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.08.11 00:18:27 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.08.11 00:18:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010.08.11 00:18:20 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.08.11 00:17:27 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.08.11 00:17:27 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.08.11 00:07:04 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010.08.11 00:07:04 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.08.11 00:06:27 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.08.10 23:56:54 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.08.10 23:56:53 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.08.10 23:56:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.08.10 23:56:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.08.10 23:56:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010.08.10 23:56:05 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.08.10 23:26:41 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.08.10 23:26:41 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.08.10 23:13:33 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.08.10 23:13:33 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.08.10 23:13:33 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.08.10 23:12:54 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.08.10 23:12:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.08.10 22:34:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.08.10 22:11:55 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010.08.10 17:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.26 20:09:31 | 003,670,016 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT
[2010.08.26 19:18:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.26 18:47:04 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.26 18:47:04 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.26 16:47:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.25 21:29:32 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.08.25 21:19:34 | 000,595,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.25 21:19:33 | 001,445,774 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.25 21:19:33 | 000,628,436 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.25 21:19:33 | 000,127,056 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.25 21:19:33 | 000,104,940 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.25 21:12:57 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.25 21:12:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.25 21:12:07 | 2144,657,408 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.25 21:07:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.08.25 21:07:09 | 000,524,288 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.25 21:07:09 | 000,065,536 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.25 21:06:49 | 003,115,398 | -H-- | M] () -- C:\Users\Asus\AppData\Local\IconCache.db
[2010.08.25 20:56:34 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010.08.25 06:13:55 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.08.24 23:55:55 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.24 23:55:55 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.24 23:27:55 | 000,495,192 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.24 22:26:06 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010.08.24 22:20:11 | 000,254,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.24 21:39:40 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010.08.24 21:39:34 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010.08.23 18:27:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.08.23 18:15:37 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2010.08.21 18:07:16 | 000,074,240 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.21 13:48:47 | 000,000,104 | ---- | M] () -- C:\Users\Asus\Desktop\Papierkorb - Verknüpfung.lnk
[2010.08.16 20:06:29 | 001,704,744 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Asus\Desktop\SkypeSetup.exe
[2010.08.16 09:23:44 | 000,099,840 | ---- | M] () -- C:\Users\Asus\Desktop\Detailansicht Zwischenhalte.doc
[2010.08.14 22:12:09 | 000,188,928 | ---- | M] () -- C:\Users\Asus\Desktop\Madagascar.doc
[2010.08.14 08:00:43 | 000,056,168 | ---- | M] () -- C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.11 19:10:17 | 046,792,704 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.08.11 19:10:17 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.08.11 19:10:17 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.08.11 18:27:36 | 000,004,265 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql_navps.dat
[2010.08.11 18:27:07 | 000,003,445 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql.dat
[2010.08.11 18:15:02 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 18:01:14 | 000,000,090 | ---- | M] () -- C:\Users\Asus\AppData\Local\atvicwjc.bat
[2010.08.10 21:15:47 | 000,248,725 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql_nav.dat
[2010.08.02 22:07:10 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.24 23:31:18 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.24 23:31:18 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.21 13:48:47 | 000,000,104 | ---- | C] () -- C:\Users\Asus\Desktop\Papierkorb - Verknüpfung.lnk
[2010.08.16 20:09:14 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.08.16 09:23:42 | 000,099,840 | ---- | C] () -- C:\Users\Asus\Desktop\Detailansicht Zwischenhalte.doc
[2010.08.14 22:12:08 | 000,188,928 | ---- | C] () -- C:\Users\Asus\Desktop\Madagascar.doc
[2010.08.11 19:02:31 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.08.11 19:02:31 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.08.11 19:02:30 | 046,792,704 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.08.11 18:15:02 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 00:19:14 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.08.11 00:19:11 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010.08.10 18:08:12 | 2144,657,408 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.02 22:07:10 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2010.08.02 22:07:10 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2010.08.01 22:21:47 | 000,248,725 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql_nav.dat
[2010.08.01 22:21:47 | 000,004,265 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql_navps.dat
[2010.08.01 22:21:47 | 000,003,445 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql.dat
[2010.06.19 23:38:59 | 000,074,240 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.19 15:00:10 | 000,000,090 | ---- | C] () -- C:\Users\Asus\AppData\Local\atvicwjc.bat
[2010.06.13 22:51:37 | 000,000,032 | ---- | C] () -- C:\Windows\WM2010.INI
[2009.06.11 18:18:27 | 000,000,009 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\mdb.bin
[2009.05.09 21:08:49 | 000,031,007 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\UserTile.png
[2009.04.25 11:24:21 | 000,008,398 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009.04.12 22:57:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.03.29 17:05:16 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.03.26 20:30:17 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.03.22 12:33:06 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2007.04.18 11:06:01 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.03.06 22:55:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 04:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1999.04.30 01:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
< End of report >
         
--- --- ---


OTL Logfile:
Code:
OTL logfile created on: 26.08.2010 18:33:43 - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Asus\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 6,92 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Drive D: | 49,06 Gb Total Space | 36,42 Gb Free Space | 74,24% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ASUS-PC
Current User Name: Asus
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Asus\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Google\Update\1.2.183.27\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
PRC - C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\StkCSrv.exe (Syntek America Inc.)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Asus\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (StkSSrv) -- C:\Windows\System32\StkCSrv.exe (Syntek America Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (ipswuio) -- C:\Windows\System32\DRIVERS\ipswuio.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (pavboot) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SIVDRIVER) -- C:\Windows\System32\drivers\SIVX32.sys (Ray Hinchliffe)
DRV - (WCPU) -- C:\Program Files\P4G\WCPU.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (StkCMini) -- C:\Windows\System32\drivers\StkCMini.sys (Syntek)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (MIINPazX) -- C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
DRV - (MTOnlPktAlyX) -- C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (k750mdfl) -- C:\Windows\System32\drivers\k750mdfl.sys (MCCI)
DRV - (k750mdm) -- C:\Windows\System32\drivers\k750mdm.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dailymotion - Online Videos, Musik und Filme. Schau dir gleich die Videos an!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Scroogle Scraper
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.2.1
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com?o=15015&l=dis"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.4.4.118
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.30
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=184A4C6C-CC3F-4CFE-9488-78D483844C68&apn_ptnrs=U9&apn_sauid=7886F2F4-9FD9-4828-B529-C565E83992E8&apn_dtid=&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.09.12 09:23:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.24 21:25:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.19 20:44:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010.08.24 23:29:34 | 000,000,000 | ---D | M]
 
[2009.10.12 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions
[2010.08.25 21:43:29 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions
[2010.08.11 21:40:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.11 21:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.11 21:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}-trash
[2010.08.10 11:29:41 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\id7gz4la.default\extensions\toolbar@ask.com
[2010.08.25 21:33:32 | 000,002,385 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\Mozilla\FireFox\Profiles\id7gz4la.default\searchplugins\askcom.xml
[2010.08.25 21:43:29 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.08.24 23:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.08.19 20:44:25 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.08.19 20:44:25 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.08.19 20:44:25 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.08.18 11:58:27 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2010.08.19 20:44:25 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.08.19 20:44:25 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [ToADiMon.exe] C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: tfguxxawqkggqamzerpsTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: xmihsndpubondhlclybtTaskMgr = 0
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1239646001457&h=866862cb450b898fe00bc7775d0b2ba9/&filename=jinstall-6u13-windows-i586-jc.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Landschaft.JPG
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Landschaft.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{34a5b1e8-0fc7-11de-97dc-0018dec42d8b}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe -- File not found
O33 - MountPoints2\{fa8b216e-0f11-11de-aa13-0018dec42d8b}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: dfrgconv - (C:\Windows\system32\bitsraid.dll) - C:\Windows\System32\bitsraid.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.25 20:52:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.08.25 20:52:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.08.25 20:52:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.08.24 23:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010.08.24 23:27:55 | 000,495,192 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.24 22:14:05 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010.08.24 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.08.24 20:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.08.24 20:35:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2010.08.18 10:23:07 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\diverse Fotos
[2010.08.16 20:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.16 20:08:40 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.08.16 20:06:18 | 001,704,744 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Asus\Desktop\SkypeSetup.exe
[2010.08.12 19:40:36 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.08.12 19:40:36 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.08.12 19:40:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.08.12 19:40:36 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.08.12 19:40:35 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.08.12 19:40:35 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.08.12 19:40:35 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.08.12 19:40:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.08.12 19:40:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.08.12 19:40:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.08.12 19:40:12 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.08.12 19:40:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.08.12 19:39:16 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010.08.12 19:39:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.08.12 19:39:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010.08.12 19:39:15 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.08.12 19:39:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.08.12 19:38:17 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.08.12 19:38:12 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.08.11 22:14:40 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\WindowsUpdate
[2010.08.11 19:10:42 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010.08.11 19:10:40 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010.08.11 19:10:38 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010.08.11 19:10:38 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010.08.11 19:10:37 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010.08.11 19:10:33 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010.08.11 18:50:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010.08.11 18:50:25 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010.08.11 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Malwarebytes
[2010.08.11 18:14:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.11 18:14:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.11 18:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.11 18:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.11 05:58:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.08.11 05:56:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.08.11 05:55:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.08.11 00:31:11 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.08.11 00:31:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010.08.11 00:31:10 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.08.11 00:31:00 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.08.11 00:31:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.08.11 00:30:59 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.08.11 00:30:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.08.11 00:30:42 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.08.11 00:30:42 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.08.11 00:30:19 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.11 00:30:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.11 00:30:18 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.11 00:30:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.11 00:30:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.11 00:30:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.11 00:30:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.11 00:30:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.11 00:30:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.11 00:30:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.11 00:30:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.11 00:30:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.11 00:30:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.11 00:30:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.11 00:29:06 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.08.11 00:29:05 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.08.11 00:29:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.08.11 00:29:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.08.11 00:29:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.08.11 00:29:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.08.11 00:29:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010.08.11 00:29:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.08.11 00:29:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.08.11 00:24:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.08.11 00:21:50 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010.08.11 00:21:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010.08.11 00:21:09 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.08.11 00:20:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.08.11 00:20:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.08.11 00:20:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.08.11 00:20:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.08.11 00:20:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.08.11 00:20:36 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.11 00:20:36 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.11 00:20:20 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.08.11 00:20:04 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.11 00:19:43 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.08.11 00:19:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010.08.11 00:19:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010.08.11 00:19:13 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.08.11 00:19:13 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.08.11 00:19:13 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.08.11 00:19:13 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010.08.11 00:19:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.08.11 00:19:01 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.08.11 00:19:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.11 00:19:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.08.11 00:19:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.08.11 00:18:27 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.08.11 00:18:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010.08.11 00:18:20 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.08.11 00:17:27 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.08.11 00:17:27 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.08.11 00:07:04 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010.08.11 00:07:04 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.08.11 00:06:27 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.08.10 23:56:54 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.08.10 23:56:53 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.08.10 23:56:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.08.10 23:56:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.08.10 23:56:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010.08.10 23:56:05 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.08.10 23:26:41 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.08.10 23:26:41 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.08.10 23:13:33 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.08.10 23:13:33 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.08.10 23:13:33 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.08.10 23:12:54 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.08.10 23:12:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.08.10 22:34:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.08.10 22:11:55 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010.08.10 17:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.26 20:09:31 | 003,670,016 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT
[2010.08.26 19:18:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.26 18:47:04 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.26 18:47:04 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.26 16:47:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.25 21:29:32 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.08.25 21:19:34 | 000,595,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.25 21:19:33 | 001,445,774 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.25 21:19:33 | 000,628,436 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.25 21:19:33 | 000,127,056 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.25 21:19:33 | 000,104,940 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.25 21:12:57 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.25 21:12:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.25 21:12:07 | 2144,657,408 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.25 21:07:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.08.25 21:07:09 | 000,524,288 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.25 21:07:09 | 000,065,536 | -HS- | M] () -- C:\Users\Asus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.25 21:06:49 | 003,115,398 | -H-- | M] () -- C:\Users\Asus\AppData\Local\IconCache.db
[2010.08.25 20:56:34 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010.08.25 06:13:55 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.08.24 23:55:55 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.24 23:55:55 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.24 23:27:55 | 000,495,192 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.24 22:26:06 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010.08.24 22:20:11 | 000,254,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.24 21:39:40 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010.08.24 21:39:34 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010.08.23 18:27:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.08.23 18:15:37 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2010.08.21 18:07:16 | 000,074,240 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.21 13:48:47 | 000,000,104 | ---- | M] () -- C:\Users\Asus\Desktop\Papierkorb - Verknüpfung.lnk
[2010.08.16 20:06:29 | 001,704,744 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Asus\Desktop\SkypeSetup.exe
[2010.08.16 09:23:44 | 000,099,840 | ---- | M] () -- C:\Users\Asus\Desktop\Detailansicht Zwischenhalte.doc
[2010.08.14 22:12:09 | 000,188,928 | ---- | M] () -- C:\Users\Asus\Desktop\Madagascar.doc
[2010.08.14 08:00:43 | 000,056,168 | ---- | M] () -- C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.11 19:10:17 | 046,792,704 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.08.11 19:10:17 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.08.11 19:10:17 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.08.11 18:27:36 | 000,004,265 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql_navps.dat
[2010.08.11 18:27:07 | 000,003,445 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql.dat
[2010.08.11 18:15:02 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 18:01:14 | 000,000,090 | ---- | M] () -- C:\Users\Asus\AppData\Local\atvicwjc.bat
[2010.08.10 21:15:47 | 000,248,725 | ---- | M] () -- C:\Users\Asus\AppData\Local\abvpkwql_nav.dat
[2010.08.02 22:07:10 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.24 23:31:18 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.24 23:31:18 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.21 13:48:47 | 000,000,104 | ---- | C] () -- C:\Users\Asus\Desktop\Papierkorb - Verknüpfung.lnk
[2010.08.16 20:09:14 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.08.16 09:23:42 | 000,099,840 | ---- | C] () -- C:\Users\Asus\Desktop\Detailansicht Zwischenhalte.doc
[2010.08.14 22:12:08 | 000,188,928 | ---- | C] () -- C:\Users\Asus\Desktop\Madagascar.doc
[2010.08.11 19:02:31 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.08.11 19:02:31 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.08.11 19:02:30 | 046,792,704 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.08.11 18:15:02 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 00:19:14 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.08.11 00:19:11 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010.08.10 18:08:12 | 2144,657,408 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.02 22:07:10 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2010.08.02 22:07:10 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2010.08.01 22:21:47 | 000,248,725 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql_nav.dat
[2010.08.01 22:21:47 | 000,004,265 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql_navps.dat
[2010.08.01 22:21:47 | 000,003,445 | ---- | C] () -- C:\Users\Asus\AppData\Local\abvpkwql.dat
[2010.06.19 23:38:59 | 000,074,240 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.19 15:00:10 | 000,000,090 | ---- | C] () -- C:\Users\Asus\AppData\Local\atvicwjc.bat
[2010.06.13 22:51:37 | 000,000,032 | ---- | C] () -- C:\Windows\WM2010.INI
[2009.06.11 18:18:27 | 000,000,009 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\mdb.bin
[2009.05.09 21:08:49 | 000,031,007 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\UserTile.png
[2009.04.25 11:24:21 | 000,008,398 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009.04.12 22:57:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.03.29 17:05:16 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.03.26 20:30:17 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.03.22 12:33:06 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2007.04.18 11:06:01 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.03.06 22:55:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 04:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1999.04.30 01:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
< End of report >
         

26.08.2010, 19:20   #4
Hicke
 



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 26.08.2010 18:33:43 - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Asus\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 6,92 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Drive D: | 49,06 Gb Total Space | 36,42 Gb Free Space | 74,24% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ASUS-PC
Current User Name: Asus
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\program files\t-online\t-online_software_6\browser\Browser.exe (Deutsche Telekom AG, T-Com)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- C:\program files\t-online\t-online_software_6\browser\Browser.exe "%1" (Deutsche Telekom AG, T-Com)
htmlfile [opennew] -- C:\program files\t-online\t-online_software_6\browser\Browser.exe "%1" (Deutsche Telekom AG, T-Com)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
https [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4186507801-287623148-3281869339-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C840E1-6D09-4B8F-AF22-819FB0A4E436}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{35AE24DE-73DD-44A6-A73A-6A1EEDEC1375}" = lport=5358 | protocol=6 | dir=in | app=system | 
"{6D54C45A-DF86-45B5-B69B-BB961D899DC8}" = rport=5357 | protocol=6 | dir=out | app=system | 
"{9F97E809-318B-480A-9083-5BA796AFA3D2}" = rport=5358 | protocol=6 | dir=out | app=system | 
"{A330D298-F6CC-474B-9952-7FDE80617A5F}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{BD098DFD-DCDA-4E5D-9252-5C95268E06AD}" = lport=5357 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00720277-9EF3-4B46-AFFE-2E26AB78C206}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{00A83F98-6BBD-4805-8773-E83BFC71998E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{01C9F4F9-4E70-41CE-A012-0AE53B1A6A8A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{01F61449-E7EA-4244-983D-D8E43D90DE19}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{032E6D40-5524-4BAC-9A83-45C6EFA5A7F1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0390DB18-080D-424D-BF77-AEC79DF80250}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{04346E7D-EE88-4411-A7CC-A7A8CA4ED9DD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{04441F90-FE19-4EB4-BAFE-7E297AABF8E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0525C946-33C3-4D2A-963F-881674072034}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{053742BF-DFA3-46B6-AD43-A3F621821171}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{054C37CD-5B4F-4824-884C-62A99A02A15D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{06E44657-A748-4B9E-8C0E-B84F2CEAA7F3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0A50292C-A12C-4F77-8CF4-6DBD122066D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0A5B8D5C-BC5B-4DF2-B369-7016B24A8243}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0BBA967E-5058-4A35-BF5B-6FF1196304E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0C77F199-D03B-4F4E-9AA6-A11E96E22BD1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0D53FBDB-E440-4D66-9C21-B34CA2D81E22}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0E21C837-BA50-4D27-A4B9-1601CDE4B512}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0E83D7C2-EEFA-48F5-AC4B-D1A0F27E6D08}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0E95074D-91F6-47C7-A1F6-23079AE806C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0EB8E580-6DFD-4535-9045-C3D0255E0144}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0FF7FF4A-77CA-4CBC-94D8-8AE5B4C924E3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{10C4E437-12B2-4C2A-B9F5-407230328980}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{13525866-810F-4B79-A86C-7F3D986BDDBC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{13F18B24-2D32-49E6-8531-2FA8F6DD7BEB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1417E093-4ED2-4196-AAE2-FD92971C248D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1457C2C8-FE89-419D-B745-91B8534C5F8B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{14839761-3EFF-4B0D-92F0-9FCFA8FE2754}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{154D7AD6-C121-437E-8354-D37C8B9A7E84}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{15A89860-3EA3-493F-AC2F-91F132D6FC6B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{161C11E1-D7C3-4EB1-9D13-6DF821C470B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{165D82BC-101C-44F0-AF02-DFB79958C94F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1761D85D-898F-4895-B1E5-3D947FEACB19}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{17742E11-D90F-4E6E-BBD2-78E56FEE96D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{179644D6-342D-4802-AB58-B7938EAEA41D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{17A53149-72C5-43BB-8437-B93C3AC76980}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{17DA3619-6518-4D50-A10E-3CDBF2533C23}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1883FB18-E30B-4B2E-8025-E9F46BED1DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{18D1F6A5-F89E-48B8-BE37-79F96DF2EC12}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1952A2EF-AF36-4FFC-8BA4-2E2D2F7C412E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{19AF5733-4609-406D-8702-3E7B48FD369A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1A61BBDB-3A49-4C7E-B019-665F5C90D9D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1A75C0FF-AC0C-4FAD-BF38-72825B7E88BF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1CB509B3-F380-4409-AA96-A8633EF7611B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1CD4799C-A177-4249-AF76-74D564C7D284}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1D46406B-3FC4-4518-A097-9F70D9769EB1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1D468EBC-36DE-4DEF-81A8-1DB85A1E67C9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1D879806-2767-4999-B784-99C80D53FC61}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1E25FF67-4163-4B55-A156-D4778D2D3B7E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1E2F870C-1D60-491F-8CB3-EC4FCCF69C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1FA6DFAA-E851-47C2-B36B-02F33A95B742}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{20F3DDDF-78D0-4E5C-A2A2-E04F37710EF2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{21FC70E7-68AC-4BC8-A83A-C21CFF2FB5F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{22276FB9-9B60-464A-9F2B-8D7D4D6C68FE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{224DD74A-2707-493F-BD56-0A44E087F7B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{22632337-B4AD-4CD9-8D2A-7AF36A115FD6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{22A08F24-CF4F-4DF2-8E69-ACA4410C553F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{23ED6A51-7093-4D24-BEBA-0D52058D4900}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{24E0E1FE-22A9-404F-9C29-1673774176C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{24ED6634-2CEE-4B99-B561-94953E5966B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{255FFD29-B129-422E-A928-0383FA4695C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{257F616B-5232-48F2-BF66-09B6F09F656B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{25DB294B-2ED4-4023-ABC4-EE890C15456B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{277D8791-85E0-476B-A88B-2D811D316052}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2822C565-A5D4-4563-98E2-A5BDD01A14E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{291FB1E2-1D8B-4445-AB09-AD026332E313}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2A32797A-420E-4B39-B08D-C12622F29F6A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2B43B7A5-C30B-4CD4-9CC4-BE57CECDD9AC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D1CABF4-DA68-4EE5-A116-6D39E389A5EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D7F0BFB-9075-46CF-8ACD-2888B3DD34EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2EFAD313-605C-4692-B706-91421F3C91B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2F499DCC-0726-4A4D-B828-53F25B2C8E4B}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"{2F5D7372-5DC8-4865-AC23-8F45BEB738A3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2F9DB0A6-AD4F-46A7-8345-F1F73F54F39F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{300DB12E-529B-42F2-BFF2-A12A0E65B5BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{304C7F34-E8A5-4419-A761-860CE972B477}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{31689600-8154-48E4-8B09-CAC47ECFCFEE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{31860250-480E-4558-B80D-7A4FBEBBD0A2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{32BB1CD4-0FA4-4F0E-B71F-2004582C45C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{330D650E-EC04-4AC3-A1C8-9E4D033C6819}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3388AD78-3129-407B-94E7-3533A6794C7D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3443BFC3-123C-441D-9545-17ADF5D4FA84}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{34E88E95-1CC5-49DD-B984-602D702E8854}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{351F8495-20F2-4DCF-8653-B0B78C9AE70C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35532C3F-AB84-46CA-8D50-6D959433176B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35E73602-2F9F-4F78-B4E9-A0D15061CCD6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{368CCE6C-78F6-4BED-BD67-AAB61A06BE25}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{36B90168-7179-418C-8D54-E6AFF862F1C9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{37366850-79F5-48BE-B52D-2A15EADEAD53}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3818C9AB-9F5C-4FF2-AD40-0A0767992A8B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3858C36E-777E-4CB8-B70F-E92852AAFEB6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{38B73A8C-CFBB-4182-868C-F42B5AC815FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{392EBD88-A9ED-468F-A880-98F6C6EFF8B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{39E48A82-0783-4238-A599-35674E3F33A4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3B4A86A0-F603-4A5A-9798-4CA68CCD764C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3B98C9C1-BF93-47E7-9282-E0DC9C978213}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3BAF7F26-C4EC-4C56-A56D-88485B27EC45}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C0A7896-7758-4A41-A9BF-E37122AC51E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C109712-107C-4E90-885F-9C860953742F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C1EC37C-9A19-496C-A719-5D542BC867BB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3D30AC8C-F9A8-42F7-B74C-891DB70EDF7A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3DF22A44-9716-489E-8009-D2560DF5E444}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3E9FAD93-0D9D-4DD3-A113-3A02F41D97BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3F1F88D4-BB32-494E-A1E9-835E6701529C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3F375E3D-C917-4E0B-A32C-D66FE0F875D2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{40682C3B-76FF-429A-BBB9-6A7D83D28C75}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{408501D4-2CE8-4D93-AAB1-0F33FA64D50F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{418C5845-0D0F-4D83-874A-193A50C41075}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4257FC0C-54FF-46F8-AACB-D0ACDD9388F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{43BA3497-DBF6-4A37-A63D-19E11E10B182}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4481602D-CEA2-4182-8599-27727C1957B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{44882A48-C165-46B9-B108-57980F033A9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{44BFC552-FD5E-4733-9BD3-A4367EF14387}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4526CE59-DD6F-4A0E-A0BC-C4D825C61251}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{46075448-5D76-4FAF-B1AC-50A6B85FBAB4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{474D6A14-CFB7-45CA-9CB7-61D4E6ECA4F7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{484A5919-D4D4-4DB4-9DEC-A4993FC90DE4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{48F50CA9-6A1C-4037-AD93-514DBFE614D8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{49393AE5-176F-4EE0-BB50-EE84966AE178}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{49AD0793-37EB-4E6B-B134-6FAE98FE9F01}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4A1E9C8C-6658-42B1-AE39-CC7E2C4719EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4A447A50-8DBE-4258-8E81-F7E946909E8D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4ACCC427-BA27-4E10-B292-1E7F3E4EBC44}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4B96BFE5-2738-441C-9616-AA7921BA8894}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4CDC0D38-A490-47C9-9406-295347EAB884}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4D8CAA52-C212-4591-9126-5118D5975866}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4DD5B33E-9095-4D30-AB03-AE1B22CFE71E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4E7FD545-6238-44F5-9759-6EB5E4023A7F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4EC8242A-4CFE-4DB4-BE97-D78591F24A61}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4F0A675D-6CC0-4075-A0A4-BB36E4C56F3F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{50D9D611-C273-48BF-9367-E70BB7A85FA7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{50ED2F58-004E-4677-B46B-FE3A68A43561}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51588849-F2DE-4BB6-A83D-C9F9BF29C963}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{529ABF98-8A4E-432D-8D50-D585FC5ECA85}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{529E813F-EDC1-44DB-9891-73E2AFA6FECB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{544E1737-DB95-4C54-81EA-0C54C08AFD13}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{55917BA6-B51E-415C-83C0-33C2CA3AB77E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{55C76C16-2477-4EED-8546-32FB59B19E91}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{578FDB9B-B7D2-4ABD-9A89-3D8BF8E2BF35}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{57CC1B59-437A-4B6A-91D9-1B119196AD2B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{58034C27-5832-45AE-8283-466350CB602B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5A8C71F9-1590-46C8-B28E-B2B89CF236E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5C18D2ED-28EE-4410-940B-B7BED7D15A72}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5C1D611F-AC87-4DE9-B8BD-0F065B40014C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5C6BBC88-5267-4798-9B34-EEB0739F426F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5D65AFA4-33A0-406B-9214-30F94F0E2AC9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E51E3D2-22D9-4A0D-8EDA-C16CC48D417E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E6B0CC1-0389-4FE8-9C00-B40A6D9228B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5F8ED060-E6B2-4B65-9064-2833835F9D73}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5FA26B9F-8D7A-427D-908D-87AECA69DEDE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{61410024-1917-4CCA-8CF3-85A53845AA52}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{618ECD92-EDA4-4918-A3DF-517AC0B89E64}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{632C4C35-3566-4E33-9332-5B3E6901CFF9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{64C1608B-4A1B-4CD6-8726-1DDAB50F59D4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6590E0E3-0FF7-473E-8CF1-6E08F769A426}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{66A416BE-52AE-41DF-A846-18A613A16768}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{67014F78-2A3A-488E-93CC-360B243C3D8C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6800940B-5FBD-41BD-B147-5D3FCAAE20C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{688324C5-CFF1-4F7E-A895-AB477075E0CC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{694C5738-430E-4A62-94C2-7BD84E2D4BF1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6999F104-347C-4AFD-A460-51521599B8CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A3DDBB2-AE88-4FBA-AA50-33A0EE1545A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6B335A5F-AF6A-4160-A0EC-6F4FF3D11E1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6B68AFBF-925B-48D8-82B1-EF4286606C7E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6C353571-5893-48D5-9479-A2810DF9910E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6C8EE939-5E74-4983-9545-552277FC6FF5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6D2F86BA-7E27-43EE-811C-EAE2062984D0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6F9B8A89-69FF-4C0E-B4B5-AE602A3380A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6FFCF464-B4D0-4837-A0A0-3BB6D2A0D3ED}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{701A2C02-13EA-4097-BE7E-B62B461697AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{704C39CF-D400-47E3-80D2-71FEB7FE8756}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{707D54B9-879E-4FB6-9124-BD0C610918D7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{725C69F9-EE65-41EA-A9BB-39A4412D73C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{727E36A5-2A89-4CA5-B483-C03F14D9AEF5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{72E85F2E-C539-47A3-8FAB-0104C0226719}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{75857E90-3B52-40CE-8D0A-1F49836104E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{75C577A2-3CFF-4873-9AE5-53B3FBEE4FA5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7619315E-D8A8-4B7D-9875-6EE728F5D3E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{76D962A5-E1DD-4041-9217-9C641995DB15}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{77EF34DD-8AB2-4391-8966-3C8981D51255}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{77FFCEF7-5F80-4E0A-B77D-7E4429386013}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{78D9EB35-DDCE-4372-8589-12F1DB58BD8A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7AE8DC95-CC91-412C-9BCE-0E0A8D99A0A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7B97F76A-FE3B-4E35-8DD2-7A8329E1A131}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{7BAA20AF-ECED-4FFE-8823-A72B7EF900C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7CC2B4DA-B19B-445E-877F-07C7FDA5C38C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7CE89BE4-15E0-4300-8D61-086181892D78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7D152493-CEF3-4BA5-8174-82013ED336DD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7ECCA9A1-B35A-4026-97A9-C2482E3A4286}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7F5BF052-E589-4C32-9D67-D8A87D415930}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7FEEFDB0-B624-4E7A-B5B4-8077E0558E2A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{801660AB-2F1A-4FAC-A31A-E3BF5B7F4559}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{81A0ADEA-5AB4-45FC-83FF-37EA78CFCCB7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8326033A-4ECE-44B3-8344-00165E0DE6FC}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{83BDB8AA-0BD1-4B43-BBE6-06C0E902A79E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{83F7457C-A7E4-41AB-99FC-8FD30AF5C639}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{84450271-3650-43C0-85DB-C7B996953C55}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{852A0DF0-B953-42DD-B21B-FE924D3395B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{852C4BE7-9BF8-43B2-B9EE-8B515CB96D86}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{85317A9F-0FA4-44AC-B73C-B86FCFDAFE2C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{859FC994-6C20-4FAC-AFD2-6243B0D42694}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{85CA5FF0-CB8C-4207-9FDF-06EC88021A0A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{860703B3-5C88-4F96-A286-C42064699260}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{87AFEF98-E09D-4623-B9E9-C63729B3A61C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{88F4FD84-9FCD-4CE4-81C9-4BF5DF3D0DD7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{89A051B8-0085-4947-9FB3-38A84708F9CC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A03816C-2987-48D0-8DF9-859EBBA8D563}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A1E974D-C1CA-4D88-B3B3-A6F5278CE237}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A794A40-6212-4C79-8533-F968E6C7FC86}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A9676BF-9C58-4112-A08D-D4DDD3A00BBC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8B41D03A-0A16-4DD3-81B7-32381C207965}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8BC6210F-49EF-4D24-A8E1-B7743F306AF8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8D258EAE-43F8-4525-B364-3E46A975BDB1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8DF8FF24-E5E8-41B1-B98E-969124AA1DA8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8DFB1C3A-0B19-458E-AAB0-4522AD0FF6CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8E09D456-E3C9-4EAB-9CE1-F0A6E86EBA06}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8E2898B5-C4A2-48C0-8F99-8C7922DDEE4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8F2A50B8-405A-4712-AC38-D9FF0AF61A79}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FC5428B-028A-444E-9E86-68103487BE02}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FF2A616-89D0-40F1-8C71-DF359BEB7935}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9010A5B2-D889-42D9-ABD3-176597B9AA82}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{912278D3-91D2-465C-83BA-9F17151A21E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{924BC85F-F135-4CED-8D94-79A5F73EEE1B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{92AF094B-578E-4245-91C6-438C5F24DD30}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{92C17B53-B64B-4366-B7F7-AE81B43B3DE8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{93D24255-B602-4C0F-8C31-5A4C957E3642}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9423D51C-9483-4AA5-8AC1-CAE1E3F203E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9439B06E-A57A-4795-AB7D-2A6CA399EA4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{949A5B5E-9D13-43DF-8D91-2520033CCE09}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{95C66314-B359-4694-91DE-ECB5A109E288}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{964C0E5D-5FE2-4AC3-97B0-3E911FB296EA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{966C2895-590A-4332-BFC5-F4DFCD01BC28}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{99783F6B-4C52-45DF-8267-00AA1531BE33}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9995A054-1B5C-486B-926C-172B09CDA14F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{99AFA6E8-6927-4598-A311-397A9095ADA4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9AB930E5-89E2-498B-A627-82C9D45650E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9AFE69ED-D3C8-4CBB-87CA-80CE2D1CCDE9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9C8C7AAC-EDCF-4FC9-AA27-12CBC582665C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9D196AE4-3003-408A-AE5B-D644EC4C540A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9D731346-A772-46B7-AE74-C3A9BF631A12}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9DAB34AB-B7AF-4036-9863-C125D6097D49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9E98D406-4988-4A61-B29E-4359458F97FE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9F033CD6-B943-4020-BD6A-73D654684A36}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A0305448-4D8F-4EDA-B8AE-0684DC047B84}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A06F2427-BB4A-45B5-85BE-0E4E105204BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A0C2DBE1-BB2F-4628-9D42-7E6362719FFD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A268C1F6-6E59-4B14-9B70-0701E3911CF6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A2A5B439-2D5D-4380-B4B3-79410E47538B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A2E4EE00-0C3B-4BDF-9F8E-9A02F0AA4B9A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A36A2D26-2FC2-44D4-BEC8-2BE75E31EE4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A38A7F04-2411-47CA-A2CC-EBD59930F9AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A3ADEA32-14A6-4258-A797-4AAAC2610408}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A3D78E95-19CF-48E7-ADC9-139AA6283170}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A426E5F8-3B7A-449B-A041-4BA113580B95}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A44BB390-4D4F-4D7F-871F-4D832F331954}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A46BC364-80DD-4E01-8789-98BACBB06EF7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5AE4EE1-C5BD-48D3-9345-14A685C8B722}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5D6FE0D-6B90-4242-88D6-C47BDA425247}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A66BBC30-AC7C-434E-A48C-3B0AB5A7DCB7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7B84F07-BB12-4FBC-9953-57B74EAD41C2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7BA8E4C-3B0C-4C88-B241-873631AFFA6B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7E56A3D-154E-4F82-8DF6-40EEE00A3761}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AAB58272-EB47-4E4C-8A3C-10A596086DD3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AAF873E9-B60C-4D53-9BE5-7358701BC452}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ADCBCBF7-16AC-4B79-918D-3B75DDD24E1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ADDAC003-5B60-4086-AC85-244FC016AF31}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ADE206E1-AB54-43B4-BFBA-21C1180F5888}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AE45DA63-D6FD-4692-888D-A82269AE5103}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AE4D7B33-C905-4E5E-BFB7-9068BCD1DCD7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AF09A85F-D905-4FC3-8975-3C4BB1E1D526}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFC8CE7B-DEEC-4371-84D5-28609EBC6E53}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFEDC19E-0B58-4FCD-B7AC-83CBC5C83196}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFF5871C-9417-4D09-93B7-81670C7DA868}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B1090254-41BD-4928-87F9-5A935128A689}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B2C77BA7-CF30-43D3-8A45-D6B2A9B46152}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B2CF10E5-8EDA-4BDE-B285-F2B80E69E5CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B3713CC6-FF0B-4D19-9799-FE553EFBA224}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B5534392-64A6-46A9-A214-7D41195384D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B5B97613-2D84-40CB-8AA2-8F1EC49B729F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B5E310FF-78B2-47A8-A10B-F58DDE18CCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B757DE59-7AAD-423B-91CE-B6E57C8BCCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B82668DA-C46E-454D-8B24-1CED785CD298}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B83F54C6-96AE-44B8-85B6-D2B5C2270DAB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B86307A8-D518-4A81-84D6-85F42ABEF534}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B8A806F0-166A-4D8D-ABAE-C6DFC3065D3A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B914E78C-65C8-4FFA-A022-E3D7A337185F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B9F118B3-240B-43D2-9BB2-665C3772685E}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"{BA014862-E34A-4AB6-A8A1-B0CDC8C70B74}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BC8E7EC1-5F10-476E-8DBC-E0734D4F4E03}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BE5B3D3F-16A1-499B-890C-4C72686EA2F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BE8BEDF4-D560-4977-A1F0-E01F122C7D7B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C11F63CE-D287-426B-A5DA-656B1997AE92}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C18F1D62-89C4-450D-A841-1074D2F9176D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C3C3EE66-F70D-4159-BD48-EF206F1356A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C5888C42-4CB7-4F43-8B2B-70D045515D11}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C5EF8672-A5A8-4194-A949-13485121C041}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C733C410-93BF-4CDF-9589-DF131DC11201}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C7CE7832-BC1E-40A6-AD4B-F3FD2F58790D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C7D499D8-0ACD-4E71-924A-A92D4BCA2778}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C99783C1-1E20-4A69-845E-5E3F3E9D70A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CB20BD0F-04FF-427A-ABD7-1E661D2E7C9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CC73278F-95EF-4C88-ACB6-F3387A1AA377}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CCC96AA5-8D7F-41EE-A7B1-8A300A13F4FD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD305ABB-5A07-4321-BA24-7A475DD1D62F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD64D1B4-0BB0-4646-8BDC-704433B9A6A6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D045B449-9F29-4C19-8CD0-8590D56E7E2A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D10A0A1C-E233-48A4-A602-D9E70D88CC8B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D1310F1B-9CB2-489A-BD7E-38EE8B138BD7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D1B203A6-5DD6-4A4C-9845-78B23918E78A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D1C700C3-2B30-4B5D-A360-8209147CE8FA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D47AA842-F79A-4564-9F21-081878F06273}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D569E92E-350B-4069-A444-1D49C92A054D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D5C0ECE2-B094-472C-B84E-9F18A4C1614C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D5DF84D2-DB99-4655-A1D0-BA0BB4C7002F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D69905A9-7E62-48CC-9560-CC2A8FA9C4F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D6B8DF9C-1F24-4119-BB01-13AD521F5128}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D723C27A-2D38-49EC-910E-F9D5922BD8B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D74771B7-0DE0-4C5E-BCE8-A3D9A76D6C4D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D781F44E-175E-4BBD-83A7-96941A09E279}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D7844045-EF67-4291-9D32-45007876B11F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D88A16E2-62B3-4577-898A-D59082CFB612}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D8F1BD62-D3AB-495A-AB16-C393573F41C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D95BBADF-ED8D-461A-9DF4-D390A030B1F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D9857061-20EB-4967-B0D2-4836FB7B2CD5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DB222F45-3A23-4BE8-B5C6-5EAEC9BA6461}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DBD0FF11-E512-4090-88C7-5608A20987C2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DC25E133-F6C0-4BE9-8465-E38DBB39F596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DCDA22BF-7B27-44D7-9D27-EB0A99C4255E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD23A7A1-123D-4D5A-88FB-7DE8A672A03F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD75358A-7247-409E-BCF6-D9D4DE73B86A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DE89043F-9B69-4632-A37D-7763EECBD246}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DE90282B-D047-4DC5-9498-EF832B6E4CE2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DF9719FB-D311-4EE1-906E-0B3E58D46A02}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DFAACABB-3A1D-485E-A4B2-2148040C8A5A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E14B74A3-4665-473A-845E-060625C6D05E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E1C1BB0A-8AC0-471B-9236-FA17C7A4B88A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E2056CCE-076C-449C-841E-331317B45BCE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E385A96E-4510-4CEA-9F1C-DAF1BAFEA7A5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E42FB55A-4D8E-496C-83A4-C471E519CEFF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E5331A4E-645B-4DEA-A30F-61A18BB870F1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E55F0F6B-6E29-48F3-BC12-88DF39961B5B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E5984C6F-B68F-43FD-9C0D-88354ED47399}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E62F4B06-CB9F-4050-9CD6-D7FCD8A7C8C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E757C69D-00B8-4BF0-9D72-5368908DD779}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E75FD7F5-CD75-40F3-86A3-B6A8B721BFDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E8BD64BF-C07D-405B-9FAC-0A280AB7AB17}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E965E5CD-65B5-464F-B4EE-E0E72E5448FE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E9F2ED29-B76A-4C60-B00F-313E5828E9C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA225735-19AD-47DA-A1DD-A558FFD8FDF4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EC1BA47D-B4E4-4CC3-8CD4-BDB63CFD1C7E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EC403269-510D-44EA-A384-13F1FCE27026}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ED455C95-CFED-4A38-A6EC-EC65275B1F4B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EDFB7C35-23A1-4146-97AA-4786573D941D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EE5E7D4B-8E41-4843-9547-E8030BC52EF7}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{EF4DFBC4-EFF6-428C-9162-B5E5F2D7B126}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EFDA0447-67A6-456D-9C52-15125FEB266F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F143A550-0335-43E1-B2C0-0D5AB57C2196}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F1ADC63F-B25F-4994-932A-E317C2539B8D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F1C7646A-20CC-4D2C-A7A5-89C0724B0744}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F1EB3FDC-2265-4D59-9677-B7F6A708D185}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F212F993-D645-470D-A6CE-479CA4C0464B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F2A5E555-5E76-4A88-A51D-AB517F0A96E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F35A1688-754B-4DB7-B7BB-19C7D7770472}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F38AFD69-01CD-476A-B390-9676BFE58DBF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F4B258FE-FD2B-4BE5-B2AD-0D3A02C2B78A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F4B9E0E6-9111-416E-804C-9A7A19BA7A95}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F5BDE6F2-4158-4920-BD30-D3F1FDE0E503}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F5E1AA57-1EC5-43CB-8FB7-57D22F24D38D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F6E418F0-1ED3-4FA7-9356-9DE74E59CF3F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F7BABDFD-302E-4853-9F42-FC96A8038282}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F825AE0E-BC3A-4953-9170-9E3C6FE1CF36}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F83B2F0D-D82C-4355-952F-410DA8463286}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F89BF2BD-56A3-4AF5-B937-C10D937AB166}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F961BF3A-36DC-48D6-AC39-7280D8743571}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F9A546C3-52EF-4EB9-9031-7AC6D3A0062D}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{FA088EA0-CC13-40B8-A678-D977A1C27B49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FA89409E-11AF-4C55-9E1E-177F9A9CDDBB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FB2769F8-638D-42C0-B8AD-73922A78BEA7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FBF9D2DF-489E-43AE-ACC9-6986D6F871E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FC8B86AE-EA79-4797-8A7E-3A72113D9FF5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FCA50D3B-B798-4245-885F-5E92BF68625B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FDAC6247-FCA6-4A3F-AC2E-528FBA10F3D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FDE92185-DE39-4191-9875-29FE0458A256}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FE178C91-D3E2-4C98-B785-82DE59636E4F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FE2CF06B-7305-4B87-82CF-DC61429EEB96}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FE80BB63-C770-41DD-BD9B-21C37FC45E38}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FF2CCC15-36D5-469C-BDD5-86348E88E775}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FFFF7BA9-F010-429F-94F3-61BF768C0E30}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{1320DA34-1C76-4ED4-82B7-A09E9865D4AD}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{9AFA69A5-78F0-4350-B78E-7DA5DBC2DA20}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{A0FCBA8F-1E5D-4B5D-B482-8CC8E9EA62D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{4CCDF7F7-C5C1-43E6-941A-2F657721E340}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{C71B84A6-972C-481C-B689-956E782B317B}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{E5EB674A-3F2D-4BD4-ADFA-41FDD4457110}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04F707AE-1AFD-FCB3-15FB-678EB18E5276}" = Catalyst Control Center Graphics Light
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B75F2BE-EA34-C35E-795B-14B6AD05EF33}" = CCC Help English
"{0C352FE8-D3C7-5679-3916-94B703AE2568}" = Catalyst Control Center Localization Portuguese
"{0CEF967E-5776-AAB4-24B7-B77B1CFD1F1B}" = ccc-utility
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300
"{12127C0A-4364-AF17-890A-161497C7C445}" = CCC Help Polish
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{1F1D117B-2819-5686-F837-6F573CD98D1B}" = Catalyst Control Center Localization Thai
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{26DBD556-77EA-04E4-ED34-9C341ECBCD10}" = Catalyst Control Center Localization Turkish
"{2DE63F00-FDAA-54A5-CB0D-14CE878A6BEB}" = Catalyst Control Center Localization Czech
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{34B92C91-1B7F-CA25-A565-D7B93050A7E5}" = Catalyst Control Center Localization Spanish
"{363AA734-FEDD-B361-AC59-99F8F323881A}" = CCC Help Norwegian
"{36CEB090-7231-0532-59A3-3D5CD5EBB689}" = Catalyst Control Center Graphics Previews Vista
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3E46600E-8E92-AE52-F505-2552A0EA1697}" = CCC Help Danish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4385133D-4A33-2565-7B46-80A89EA0E888}" = Catalyst Control Center Localization Italian
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{61F128C7-59EB-98EA-FE59-2BE6332DF04B}" = CCC Help Chinese Traditional
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63B3A1B7-DE32-A193-486A-6A39D08C235C}" = CCC Help Chinese Standard
"{63EC2860-FAC7-5BC0-5F6A-BCE20C0EBC80}" = Catalyst Control Center Localization Norwegian
"{666472B6-06A7-0C3A-6165-9A133013BDB2}" = Catalyst Control Center Localization Chinese Traditional
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B387AB8-A460-5B93-0517-0A9B0D4318B9}" = Catalyst Control Center Graphics Full New
"{6CF08F61-9C7D-8F20-ADED-7A40AEE6F2B7}" = Catalyst Control Center Localization Chinese Standard
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DCA752-2EAC-3FC8-60C9-19A0D3884302}" = CCC Help Hungarian
"{7463A3EB-F88E-00FC-6081-AD02FB321C54}" = Catalyst Control Center Localization Swedish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{780950E3-008C-FE5E-AEE6-5EF77D81B31F}" = Catalyst Control Center Core Implementation
"{7D83D3A4-0F45-8075-0AB6-B6D1106CF1B8}" = CCC Help Dutch
"{83A40382-EA9B-A1DF-C2E9-32D65E0B8C23}" = Catalyst Control Center Localization Hungarian
"{83E06C1E-B97B-2679-5EFA-7D0D7FA1ADF1}" = CCC Help Swedish
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{863373A8-5B31-2CBA-16E2-6780AE724DB4}" = CCC Help Portuguese
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{876FF807-179D-663C-3989-B9E97DD7DF43}" = Catalyst Control Center Localization Russian
"{88F36928-8B64-08CB-983A-8B2042CF15D0}" = Catalyst Control Center Localization Dutch
"{8A8C4EAC-9AB7-45FA-9480-5716FD261031}" = Nero 7 Essentials
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{937EC4CC-5B69-2990-FC5B-512E1520D0DA}" = CCC Help Russian
"{93DDECDF-0AA0-B360-6A6F-288099DD2D98}" = CCC Help Finnish
"{99D9B4EB-FE36-8A77-ABA9-1FA02E635E63}" = Catalyst Control Center Localization Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A3103F91-39CE-BEDE-680A-D41F26F97D8F}" = CCC Help Thai
"{A6752CB8-1FA2-070B-C80E-B3B67781603C}" = CCC Help Spanish
"{A7714FC2-BFEC-31A6-AA47-321676B73DFA}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AD757BEF-0720-BA67-FD34-5FB5D950BD60}" = Catalyst Control Center Localization French
"{B01C55C2-37BC-3B95-CAE2-4D12F50FAF8F}" = Catalyst Control Center Localization Korean
"{B021DB07-517A-1FE9-05E1-2FF29870C53D}" = Catalyst Control Center Localization German
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B5D76EC0-13E1-DFEE-9DA4-5F8BC9F4C5CF}" = Catalyst Control Center Graphics Previews Common
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C3834E9A-09EE-3809-3479-0A2E0487EB64}" = CCC Help Greek
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD54A3A7-2CE4-CB17-F5BC-ED6F48501AF8}" = CCC Help French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF65258-EB04-DA25-3C8B-93E44F2321C6}" = CCC Help Italian
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1371B55-1ABB-113F-980B-5531C9529416}" = CCC Help Czech
"{D36A399D-5F74-F01C-3102-3768514B2383}" = ccc-core-static
"{DB5C6904-E162-3DA7-8D92-9F5D70FA9E7F}" = CCC Help Japanese
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E0C2FD92-2054-781C-7719-F3FE978B571A}" = Catalyst Control Center Localization Finnish
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E36D7B40-4411-3B38-DAC0-4CF6574C1DB9}" = Skins
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED03EBC3-0621-1ED7-11FA-E22D8FC79909}" = Catalyst Control Center Localization Polish
"{F33B21FC-D4B9-522A-5B67-F87A0BAA3268}" = CCC Help Korean
"{F36828A9-4231-579E-2393-E43B299D77B8}" = Catalyst Control Center Localization Japanese
"{F6D1EEB6-544C-7071-DB1B-11FA4A9AC432}" = Catalyst Control Center Graphics Full Existing
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FC9CCB53-0EC6-A64E-52C2-68C70858AA56}" = CCC Help Turkish
"{FF216817-DAE6-3280-28EF-C4F12A88E33F}" = Catalyst Control Center Localization Greek
"abvpkwql" = Favorit
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATI Uninstaller" = ATI Uninstaller
"Canon iP3300 Benutzerregistrierung" = Canon iP3300 Benutzerregistrierung
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreePDF_XP" = FreePDF XP (Remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"KigoVideoConverter_is1" = KigoVideoConverter 1.1.0
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Nokia PC Suite" = Nokia PC Suite
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Sony Ericsson" = Sony Ericsson Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.08.2010 15:29:40 | Computer Name = Asus-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 02.08.2010 15:38:15 | Computer Name = Asus-PC | Source = VSS | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:16 | Computer Name = Asus-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:20 | Computer Name = Asus-PC | Source = VSS | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:20 | Computer Name = Asus-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:32 | Computer Name = Asus-PC | Source = VSS | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:32 | Computer Name = Asus-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:38 | Computer Name = Asus-PC | Source = VSS | ID = 8193
Description = 
 
Error - 02.08.2010 15:38:38 | Computer Name = Asus-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.08.2010 15:39:36 | Computer Name = Asus-PC | Source = VSS | ID = 8193
Description = 
 
[ System Events ]
Error - 24.08.2010 18:25:02 | Computer Name = Asus-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 24.08.2010 23:32:08 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 25.08.2010 00:11:51 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 25.08.2010 12:14:08 | Computer Name = Asus-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2010 um 06:55:42 unerwartet heruntergefahren.
 
Error - 25.08.2010 12:14:20 | Computer Name = Asus-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 25.08.2010 14:47:47 | Computer Name = Asus-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 25.08.2010 14:48:12 | Computer Name = Asus-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 25.08.2010 14:56:05 | Computer Name = Asus-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 25.08.2010 15:07:06 | Computer Name = Asus-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 25.08.2010 15:12:53 | Computer Name = Asus-PC | Source = HTTP | ID = 15016
Description = 
 
 
< End of report >
         

26.08.2010, 19:35   #5
Hicke

OK, the files should be there now. Now I need your help.


26.08.2010, 20:25   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Malwarebytes really found nothing? Are there any more logs from it?

26.08.2010, 20:27   #7
Hicke

Ah, there he is. Hello, good evening. No, there was nothing more.

26.08.2010, 20:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Everything looks fairly unremarkable.
Any remaining problems or further detections in the meantime?
__________________
Please always post log files in CODE tags

26.08.2010, 20:33   #9
Hicke

Well, problems insofar as every virus scanner reports malware and wants to rescue something. I thought the OTL files looked rather odd.
There aren't really any problems with booting etc. either, but the virus scanner reports the 3 Trojans mentioned at the start..

and the program doesn't delete them either. I do think the PC still has problems, but you just can't pin them down..

26.08.2010, 20:34   #10
Hicke

Kaspersky message:
26.08.2010 21:28:28 Gefunden trojanisches Programm Exploit.Java.Agent.be c:\users\asus\anwendungsdaten\tuneup software\tuneup utilities\backups\00000021.rcb Hoch

26.08.2010, 20:34   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Well, problems insofar as every virus scanner reports malware and wants to rescue something. I thought the OTL files looked rather odd.

Malwarebytes found nothing!
The OTL logs are unremarkable!

What exactly is being found besides what you mentioned first? Was it moved to quarantine?!

26.08.2010, 20:45   #12
Hicke

Hi, damn, I didn't notice page 2 that quickly. Hm, I don't know Kaspersky very well. There is nothing in quarantine,
but this is listed under detected threats:
26.08.2010 21:43:23 Gefunden trojanisches Programm Exploit.Java.Agent.be c:\users\asus\anwendungsdaten\tuneup software\tuneup utilities\backups\00000021.rcb Hoch

26.08.2010, 20:54   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Keep your hands off TuneUp! The program is absolute garbage! Undo all settings and uninstall it! => TuneUp: Wundermittel oder Placebo Reloaded | DerFisch.de

26.08.2010, 20:54   #14
Hicke

What should I do now?

26.08.2010, 20:56   #15
Hicke

I have already uninstalled TuneUp because I thought the virus might somehow be stuck in it. I can't undo anything anymore. I'm surprised, I thought TuneUp was a good program.
