Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Misteriöse Viren/Backdoor Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 16.11.2010, 21:53   #16
lilwhoa
 
Misteriöse Viren/Backdoor Trojaner - Standard

Misteriöse Viren/Backdoor Trojaner



OTL.txd:

Code:
ATTFilter
OTL logfile created on: 16.11.2010 21:47:31 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = c:\Users\INTERNET\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,39 Gb Total Space | 40,60 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 11,49 Gb Total Space | 2,15 Gb Free Space | 18,73% Space Free | Partition Type: NTFS
 
Computer Name: IRA-PC | User Name: INTERNET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\INTERNET\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\McAfee Security Scan\1.0.150\mcuicnt.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\INTERNET\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_4176eef.dll ()
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (cpuz130) -- C:\Users\IRA\AppData\Local\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (UsbDiag) -- C:\WINDOWS\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\WINDOWS\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (ggsemc) -- C:\WINDOWS\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (hwdatacard) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FlashUSB) -- C:\WINDOWS\System32\drivers\FlashUsb.sys (Danish Wireless Design A/S)
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (DgiVecp) -- C:\WINDOWS\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (SSPORT) -- C:\WINDOWS\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (athr) -- C:\WINDOWS\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (btwavdt) -- C:\WINDOWS\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\WINDOWS\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\WINDOWS\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (XAudio) -- C:\WINDOWS\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\WINDOWS\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (xusb21) -- C:\WINDOWS\System32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (nvsmu) -- C:\WINDOWS\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\WINDOWS\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ialm) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ASPI) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.21.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.28 19:38:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.28 19:38:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2010.01.10 11:59:34 | 000,000,000 | ---D | M] -- C:\Users\INTERNET\AppData\Roaming\mozilla\Extensions
[2010.11.16 18:49:47 | 000,000,000 | ---D | M] -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions
[2010.01.10 15:06:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.17 14:30:13 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.10.11 15:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.29 20:24:54 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2010.07.27 18:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.17 14:31:18 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\INTERNET\AppData\Roaming\mozilla\Firefox\Profiles\vvt0tdyf.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.11.11 16:28:57 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-1.xml
[2010.07.22 18:26:20 | 000,000,961 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-2.xml
[2010.08.27 21:42:30 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-3.xml
[2010.09.09 13:47:44 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-4.xml
[2010.09.16 19:13:52 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-5.xml
[2010.10.11 15:05:23 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-6.xml
[2010.10.28 19:27:47 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-7.xml
[2010.10.28 19:38:31 | 000,000,950 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin-8.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\INTERNET\AppData\Roaming\Mozilla\FireFox\Profiles\vvt0tdyf.default\searchplugins\icqplugin.xml
[2010.10.28 19:38:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.10 22:05:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.10 22:04:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.02.03 19:57:22 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.11.14 19:24:59 | 000,425,428 | R--- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14659 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\INTERNET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\install\MSAScu.exe File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\install\MSAScu.exe File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\INTERNET\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Lokales Intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop WallPaper: C:\Users\INTERNET\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\INTERNET\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.16 13:36:06 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\AppData\Roaming\Malwarebytes
[2010.11.16 13:35:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.16 13:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.16 13:35:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.16 13:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.16 13:20:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.15 18:23:26 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Desktop\Neuer Ordner (4)
[2010.11.14 18:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.11.14 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Documents\Simply Super Software
[2010.11.14 18:09:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010.11.14 18:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010.11.14 18:09:20 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\AppData\Roaming\Simply Super Software
[2010.11.14 18:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010.11.13 22:13:18 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Desktop\Neuer Ordner (3)
[2010.11.13 20:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.11.13 20:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.11.13 01:36:57 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Desktop\Neuer Ordner (2)
[2010.11.12 21:38:10 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Desktop\Get Rich Or Die Try In
[2010.11.12 19:06:51 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\AppData\Roaming\Canneverbe Limited
[2010.11.12 19:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.11.12 19:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2010.11.08 20:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Multi-ICQ
[2010.11.07 13:42:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.22 23:30:45 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010.10.22 23:30:45 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010.10.22 23:30:45 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010.10.22 23:29:23 | 000,258,048 | ---- | C] (LG Electronics Inc.) -- C:\Windows\esn.dll
[2010.10.22 23:29:23 | 000,180,224 | ---- | C] (LG Electronics) -- C:\Windows\AuthDll.dll
[2010.10.22 23:29:23 | 000,090,112 | ---- | C] (LG Electronics) -- C:\Windows\LGMobileDL.dll
[2010.10.20 15:54:26 | 000,000,000 | ---D | C] -- C:\Users\INTERNET\Desktop\Bearbeitungen
[1 C:\Users\INTERNET\*.tmp files -> C:\Users\INTERNET\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.16 21:45:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3AAADA73-853B-4D5C-9278-CEDDC1EC17B3}.job
[2010.11.16 21:45:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{65885F25-4CAE-462F-9149-D62D188D82AA}.job
[2010.11.16 21:45:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9A337FFF-25C4-45C8-A0C0-3E929A40817E}.job
[2010.11.16 21:03:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.16 21:03:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.16 19:11:35 | 000,651,350 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.16 19:11:35 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.16 19:11:35 | 000,121,114 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.16 19:11:35 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.16 19:04:32 | 000,243,696 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.16 19:04:32 | 000,243,696 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.16 19:03:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.16 19:02:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.11.16 14:11:24 | 000,075,264 | ---- | M] () -- C:\Users\INTERNET\Desktop\SystemLook.exe
[2010.11.16 13:35:46 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.16 13:16:52 | 000,364,032 | ---- | M] () -- C:\Users\INTERNET\Desktop\rkill.com
[2010.11.14 19:51:10 | 000,115,579 | ---- | M] () -- C:\Users\INTERNET\Desktop\Aufzeichnen2.JPG
[2010.11.14 19:50:45 | 000,110,446 | ---- | M] () -- C:\Users\INTERNET\Desktop\Aufzeichnen1.JPG
[2010.11.14 19:41:37 | 000,296,448 | ---- | M] () -- C:\Users\INTERNET\Desktop\cqkwl60f.exe
[2010.11.14 19:24:59 | 000,425,428 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.12 23:02:30 | 000,026,112 | ---- | M] () -- C:\Users\INTERNET\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.12 19:06:43 | 000,001,694 | ---- | M] () -- C:\Users\INTERNET\Desktop\CDBurnerXP.lnk
[2010.10.28 19:38:23 | 000,001,684 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.10.27 18:21:29 | 000,000,680 | ---- | M] () -- C:\Users\INTERNET\AppData\Local\d3d9caps.dat
[2010.10.23 19:51:01 | 000,002,413 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2010.10.23 19:49:29 | 000,000,767 | ---- | M] () -- C:\Users\INTERNET\Desktop\LGMobile update.lnk
[1 C:\Users\INTERNET\*.tmp files -> C:\Users\INTERNET\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.16 14:11:23 | 000,075,264 | ---- | C] () -- C:\Users\INTERNET\Desktop\SystemLook.exe
[2010.11.16 13:35:46 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.16 13:16:49 | 000,364,032 | ---- | C] () -- C:\Users\INTERNET\Desktop\rkill.com
[2010.11.14 19:51:08 | 000,115,579 | ---- | C] () -- C:\Users\INTERNET\Desktop\Aufzeichnen2.JPG
[2010.11.14 19:50:42 | 000,110,446 | ---- | C] () -- C:\Users\INTERNET\Desktop\Aufzeichnen1.JPG
[2010.11.14 19:41:36 | 000,296,448 | ---- | C] () -- C:\Users\INTERNET\Desktop\cqkwl60f.exe
[2010.11.14 18:09:22 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.11.14 18:09:22 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010.11.14 18:09:22 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010.11.14 18:09:22 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010.11.12 19:06:43 | 000,001,694 | ---- | C] () -- C:\Users\INTERNET\Desktop\CDBurnerXP.lnk
[2010.10.28 19:38:23 | 000,001,684 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.10.22 23:29:23 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2010.10.22 23:29:23 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2010.10.22 23:24:24 | 000,000,767 | ---- | C] () -- C:\Users\INTERNET\Desktop\LGMobile update.lnk
[2010.09.04 21:53:47 | 000,243,696 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.09.04 21:53:31 | 000,243,696 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.07.30 18:40:20 | 000,000,431 | ---- | C] () -- C:\Windows\BeatBox.INI
[2010.06.15 10:48:07 | 000,138,968 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.01 23:08:37 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.04.09 23:42:52 | 000,000,096 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\fusioncache.dat
[2010.03.02 21:19:15 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.03.02 20:44:06 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll
[2010.03.01 17:47:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.03.01 17:47:56 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2009.12.26 02:00:37 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.12.26 01:58:51 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.12.26 01:58:22 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.12.13 15:33:46 | 000,022,723 | ---- | C] () -- C:\Windows\System32\SUGG1l3.DLL
[2009.12.13 15:33:46 | 000,022,723 | ---- | C] () -- C:\Windows\System32\SUGD1l3.DLL
[2009.09.02 17:46:15 | 000,000,680 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\d3d9caps.dat
[2009.07.01 17:21:37 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.07.01 12:23:17 | 000,026,112 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.27 21:12:48 | 000,027,503 | ---- | C] () -- C:\Users\INTERNET\AppData\Roaming\UserTile.png
[2009.06.14 18:23:09 | 000,027,620 | ---- | C] () -- C:\Users\INTERNET\AppData\Roaming\nvModes.001
[2009.06.14 15:28:43 | 000,027,620 | ---- | C] () -- C:\Users\INTERNET\AppData\Roaming\nvModes.dat
[2009.06.14 13:49:25 | 000,000,000 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\QSwitch.txt
[2009.06.14 13:49:25 | 000,000,000 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\DSwitch.txt
[2009.06.14 13:49:25 | 000,000,000 | ---- | C] () -- C:\Users\INTERNET\AppData\Local\AtStart.txt
[2008.05.12 12:00:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.05 11:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

< End of report >
         
Extras.Txt
Code:
ATTFilter
OTL Extras logfile created on: 16.11.2010 21:47:31 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = c:\Users\INTERNET\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,39 Gb Total Space | 40,60 Gb Free Space | 18,34% Space Free | Partition Type: NTFS
Drive D: | 11,49 Gb Total Space | 2,15 Gb Free Space | 18,73% Space Free | Partition Type: NTFS
 
Computer Name: IRA-PC | User Name: INTERNET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3120398495-1105111145-1556652119-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3120398495-1105111145-1556652119-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Free Video Zilla\FVZilla.exe" = C:\Program Files\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF6E273-F4FF-4016-9348-F01CD745B78F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{131D2B3E-2B40-4153-B3E0-B6163E4CCA7C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1D3AB463-0A1F-4095-89B6-406931B5620F}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface | 
"{1ED6FE34-6F49-4ED2-BEBE-0151CEB9375E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{26ACBB81-350D-42DB-888C-A64C775FB00D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2FB882F8-48C9-4785-A03A-A57D3D036C81}" = rport=138 | protocol=17 | dir=out | app=system | 
"{37B7B483-2880-43DC-8AD8-B0992A2ED8F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3FDAA620-1A4D-4A60-AAD3-B1190FB66B06}" = lport=445 | protocol=6 | dir=in | app=system | 
"{42C01849-9F95-4B74-A071-A1D45FEA5AAE}" = lport=6907 | protocol=6 | dir=in | name=league of legends launcher | 
"{4EF01684-F17B-4FE2-B552-1B1C464D03BD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{525C3076-2932-40D6-852F-470B92C06D50}" = lport=6934 | protocol=6 | dir=in | name=league of legends launcher | 
"{5B044864-18BD-40F9-9A56-CC4E08D2AAFF}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | 
"{5D57C61F-CC27-423A-9347-52E294901369}" = lport=139 | protocol=6 | dir=in | app=system | 
"{73FAA896-18FE-46B0-8641-AABC199BC569}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | 
"{7A4D6BF1-CB1B-486E-BC94-A26FA0E7C719}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{8E4F2D39-10C7-499C-817C-AF41C6D78FF2}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | 
"{948DD04E-91F9-46C3-A7FE-19C7D3BCFF1F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A07FDD49-EC17-4087-8007-1A677CD92172}" = lport=6907 | protocol=17 | dir=in | name=league of legends launcher | 
"{B0314F70-2142-4029-9770-ADFF20EE96F9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B480240F-EC79-49B9-82FD-1DEEE4E87AA4}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher | 
"{B92CDF1E-6624-4A32-B3E2-C7C525E801D0}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{BD2A4866-26A2-425D-9CFF-3B65D7A8B4FA}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | 
"{D3ED6004-5BF5-4F59-8D02-F9DE0D6D34DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D49E81B4-2B8A-4738-BE30-E2473B26ED09}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher | 
"{F4B4938E-0826-4E6C-9B2E-1CBD571A08C7}" = lport=6934 | protocol=17 | dir=in | name=league of legends launcher | 
"{F79DA976-B028-42B4-909B-55711F3C0C01}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01338A06-A6CB-4CE4-9715-CD35E379E0CE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\operations flashpoint dragon rising - demo\ofdr demo.exe | 
"{078691DE-8AE7-4AAB-B85C-CBAB504D0824}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{092819AC-2724-4684-8EDC-8E8D1A9398AD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counter-strike\hl.exe | 
"{163CDF07-DD40-44DC-828A-BE27D183018A}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{17A8AFC9-B526-409D-A46A-3D79BB935285}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{1DC8D720-DCF6-4E22-8815-B0D2174D6863}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1F3BF865-65DB-4D29-AAC0-710DE9254F1C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{230EB72C-B473-43CF-A68E-777E15C4CD9E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counterstrike source beta\hl2.exe | 
"{247BA79A-C8B7-4D1E-8ED2-EBE34D05327F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{25771D9D-C069-4A30-9A86-EC595AAF3F9B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{2B4889B8-0FCC-4C2F-A0A2-4122CAF213C5}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{2D3C50F1-D74C-4DA6-A828-B250C09CF26C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2F7AFA31-ACEC-44BD-B8FC-2295792E9FDC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe | 
"{30030595-A11E-4F15-B904-EF1AAE4BF4CF}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{327474F5-1F40-462B-A6E4-DCB4495BB345}" = protocol=6 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | 
"{3357F03E-22B8-4178-BBE3-5B6FB9796B96}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{3810293F-ED4C-44F2-B1AD-D09E3FAAA36A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe | 
"{3F19323C-34EA-41DF-8731-20C984808667}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{408D73D1-E320-489B-86EA-513C57BD83DD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe | 
"{40C82AFC-F935-4883-ABE8-DA0D74017B21}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{4372D349-54B7-4B90-8142-D357BEDB1465}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{45E4DBD9-6BA2-426E-AE6D-A3E5340C7912}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{481148EF-6DDA-40DF-A8CF-E6743CF3BEB4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe | 
"{49A7E857-8AA5-4849-82C1-D5B8D30A9579}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | 
"{4C8DD433-5BF3-487D-B826-CB4553C7C7D8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{57DE2C7C-767D-4219-967C-62BA0D32F3D1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{608288E8-FC12-47EB-B5C8-390DE7454556}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{61117775-1302-408D-852E-3922F9C60C9E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{661AC76B-21A7-48D6-8A96-D7B2FF129CE4}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{6919421C-4703-4037-8CCB-4F78AEF36CEC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counter-strike source\hl2.exe | 
"{72C2EF2F-832F-4880-B0C1-89AB1B934DB9}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{72F7B6B3-9946-478B-84DF-FD712C19250F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{73BF695E-9011-495A-A0A0-65CED1CE3ACB}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{74A9B17C-A809-4F68-9718-C79656017F57}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{78B3B7DE-BC89-4FB2-BE7D-8C0B7849861F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{7A8BCDAE-058D-462A-B5C5-511458508896}" = protocol=17 | dir=in | app=c:\program files\league of legends\lol.launcher.exe | 
"{838638A7-D99E-470A-9455-FEC3F2BF0664}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\operations flashpoint dragon rising - demo\ofdr demo.exe | 
"{8E208016-4B4A-42BC-88DB-747CCBC49973}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counterstrike source beta\hl2.exe | 
"{8E4F39D4-194D-4796-8299-369BC38EB93D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe | 
"{94536B8D-07BE-40EC-AC02-EA024E07F73A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | 
"{9581AE5F-0450-4FEE-B043-1080140CA31C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe | 
"{96ED93EB-A606-4280-800B-0826E1A59423}" = protocol=17 | dir=in | app=c:\program files\abelcam\abelcam.exe | 
"{978B074B-4237-45A1-A56F-C63FEFA716D8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{97A9EB73-DE98-4870-9B35-5CCCFE694CB8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{9EAE5F42-A518-472C-82F4-90963517C223}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AA75C72F-8D70-4901-B212-2DECC8692A9F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{AEF02B04-C5D6-4701-BD26-C18F67C6AB73}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B50DA566-F710-4F90-8C7B-1BD53FE8ED2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BDC097D8-0DB0-481A-8BF8-0C8AA96598B0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C1C86CDC-0A8C-4040-B214-017AA360E2AB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{C1D1BFDC-254C-4D45-96DE-A14E260EBD84}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{C5C3E192-FC93-475B-8171-3C14EF6898FC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{C5D207D0-50E6-4BED-8249-DD72E1A2F6B7}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C67C825D-0494-4FCE-BB47-9D498190D278}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CB304BA6-2506-46B6-8F07-B41C3ABE9698}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counter-strike source\hl2.exe | 
"{D0531A93-1367-4ABB-844B-BEFEB5BD1D29}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{D605B870-2190-45DB-B485-1C035C7158CF}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{D7A157D1-1D38-4F46-8D92-7BE40B0DF574}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{DA184C26-E508-4FF0-A441-E1922FD19237}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe | 
"{E257E69A-BA77-4521-943E-A8EF58915C5D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E3EEE779-7085-4A82-A755-7E66983B8470}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | 
"{E4C77C02-1A89-495F-A867-9014B689C7B2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe | 
"{E6DA922D-887C-4036-9E5B-08A3430AF132}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EEC62A06-F2C5-4916-B162-6E53A9B446DD}" = protocol=6 | dir=in | app=c:\program files\abelcam\abelcam.exe | 
"{EF6DFD70-E22E-49C4-88B5-7FBD8F662A10}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{F06A489C-88E4-4CAA-BD8A-B08A30039E32}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\vodkaman92\counter-strike\hl.exe | 
"{F3125C09-E345-445E-BF5E-0723125335D7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{F4CFEFCC-C715-4664-8889-36E0A7315A67}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{FA27907C-533B-43C2-A1DE-8220E02FAE83}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | 
"{FCC44E5D-A829-4D19-A97E-89EFF1993540}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{317CA52C-6B89-4EDB-9FE3-BFE20EAC4DB7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{4443B3B9-24CC-4E28-A52F-DBD66A3AA4BB}C:\users\internet\desktop\steven\blubvolley\blub.exe" = protocol=6 | dir=in | app=c:\users\internet\desktop\steven\blubvolley\blub.exe | 
"TCP Query User{6405152B-B8FE-4779-83C0-4BC17671EEFF}C:\users\internet\desktop\steven\blub volley 2\blobby-server.exe" = protocol=6 | dir=in | app=c:\users\internet\desktop\steven\blub volley 2\blobby-server.exe | 
"TCP Query User{6533F833-F532-4B28-98EE-1BCBB5FE840E}C:\program files\steam\steamapps\diggerkiller\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\counter-strike source\hl2.exe | 
"TCP Query User{6C10899D-2208-4D99-A001-BE167316A959}C:\program files\steam\steamapps\diggerkiller\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\counter-strike\hl.exe | 
"TCP Query User{AB3CB4E7-71C8-4FD9-AB84-96C75AF8408D}C:\users\ira\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=6 | dir=in | app=c:\users\ira\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe | 
"TCP Query User{AC6285FA-A1F8-4845-ACEE-55A807D277B9}C:\program files\steam\steamapps\diggerkiller\half-life\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\half-life\hl.exe | 
"TCP Query User{CFFD3822-C386-45FB-8C90-E2D329557A8A}C:\users\internet\desktop\steven\blub volley 2\blobby.exe" = protocol=6 | dir=in | app=c:\users\internet\desktop\steven\blub volley 2\blobby.exe | 
"TCP Query User{D10925F8-FC50-43C1-9C74-B2C8BC910468}C:\users\ira\desktop\shark\shark 0.6 allround tutorial by x4tream\shark 0.6\client.exe" = protocol=6 | dir=in | app=c:\users\ira\desktop\shark\shark 0.6 allround tutorial by x4tream\shark 0.6\client.exe | 
"UDP Query User{1752152C-5613-407B-A511-5F8180981270}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{49BECC9E-F1CB-4BF3-961D-DA52462585A9}C:\users\internet\desktop\steven\blub volley 2\blobby-server.exe" = protocol=17 | dir=in | app=c:\users\internet\desktop\steven\blub volley 2\blobby-server.exe | 
"UDP Query User{54429398-3A7E-4BD0-9FC3-11CE0F3C2D9D}C:\program files\steam\steamapps\diggerkiller\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\counter-strike\hl.exe | 
"UDP Query User{65DAF941-0882-4441-9839-8F7457DA139E}C:\users\internet\desktop\steven\blubvolley\blub.exe" = protocol=17 | dir=in | app=c:\users\internet\desktop\steven\blubvolley\blub.exe | 
"UDP Query User{69FABE8B-8B2B-4BEA-A68A-BF0A7CEBC5B1}C:\users\ira\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=17 | dir=in | app=c:\users\ira\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe | 
"UDP Query User{830D65AF-3A76-42C6-9288-2FBE5895B95E}C:\users\ira\desktop\shark\shark 0.6 allround tutorial by x4tream\shark 0.6\client.exe" = protocol=17 | dir=in | app=c:\users\ira\desktop\shark\shark 0.6 allround tutorial by x4tream\shark 0.6\client.exe | 
"UDP Query User{A817AE02-8359-4748-ADD4-3D5392906083}C:\program files\steam\steamapps\diggerkiller\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\counter-strike source\hl2.exe | 
"UDP Query User{DD007C8F-619D-4383-88EF-0F807313E8A5}C:\users\internet\desktop\steven\blub volley 2\blobby.exe" = protocol=17 | dir=in | app=c:\users\internet\desktop\steven\blub volley 2\blobby.exe | 
"UDP Query User{E676CB2D-E929-4879-8495-A6664B068CBC}C:\program files\steam\steamapps\diggerkiller\half-life\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diggerkiller\half-life\hl.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11439F51-B8D2-4736-9CDF-8889FEBE1031}" = Nero 7 Premium
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1C943495-B69F-4D41-AE0E-23C57ECD90EE}" = Debugging Tools for Windows
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A47DA3C-0C2E-4D94-9BCE-6EA3550B37C9}" = LaMaster
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087
"{4ECA4128-8B48-44A0-90E8-B93C6A69CE4B}" = LightScribe Template Designs - Music Pack 1
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5527CA99-AAEC-45E2-9EB9-CED0BB2FC2BD}" = MorphVOX Pro
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5AD05333-600A-4CD8-88C6-BF22A3BE9767}_is1" = Multi-ICQ 1.4
"{5BFB956C-3AB9-492A-9E91-5D8C87DCC598}" = Paint.NET v3.5.1
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61
"{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1" = Counter-Strike 2D 0.1.1.7
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FB91814-FE42-4B62-9B54-4B677A420715}_is1" = CLEO v3.0.950
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a13371df-9a16-45c5-babd-8c12bf3a1169}" = Nero 9 Trial
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC13FB47-0B90-46C3-9BB7-57D2DB455D4D}" = Microsoft Xbox 360 Accessories 1.1
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E68A5A1D-28F4-4DA7-875E-409A274C0D84}" = AbelCam
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F2E0D697-7CFC-4B08-B4EA-90D031A458A4}_is1" = Black Crosshair
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB  (04/16/2009 1.0.0.6)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced GIF Animator_is1" = Advanced GIF Animator 3.0
"Akamai" = Akamai NetSession Interface
"Applian Director1.1" = Applian Director
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FormatFactory" = FormatFactory 2.20
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"Free Video Zilla_is1" = Free Video Zilla
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"GNU Backgammon_is1" = GNU Backgammon (MAIN branch, 20081113 code)
"Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 1.1.0.12
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"Hex-Editor 2000 5.0" = Hex-Editor 2000 5.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperSnap 6" = HyperSnap 6
"IconPackager" = IconPackager
"ICQToolbar" = ICQ Toolbar
"Icy Tower v1.4_is1" = Icy Tower v1.4
"ImgBurn" = ImgBurn
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"League of Legends_is1" = League of Legends
"lgx4.lgx.demo" = G DATA Logox4 Demo
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"MAGIX Music Maker Hip Hop Edition 2 D" = MAGIX Music Maker Hip Hop Edition 2 4.0.0.10 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"McLoad Preinstaller" = McLoad Preinstaller
"Messenger Plus! Live" = Messenger Plus! Live
"MessengerDiscovery 2.1_is1" = MessengerDiscovery 2.1.79
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Replay Media Catcher 3.11" = Replay Media Catcher
"Samsung CLP-600 Series" = Samsung CLP-600 Series
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"SecondLife" = SecondLife (remove only)
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 11020" = TrackMania Nations Forever
"Steam App 12890" = Operation Flashpoint: Dragon Rising - Demo
"Steam App 18110" = Shattered Horizon
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 500" = Left 4 Dead
"Steam App 630" = Alien Swarm
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.5
"WildTangent hp Master Uninstall" = My HP Games
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.1.9.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.11.2010 16:40:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:41:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:42:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:43:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:44:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:45:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:46:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:47:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:48:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
Error - 16.11.2010 16:49:06 | Computer Name = IRA-PC | Source = SDWinSec.exe | ID = 0
Description = 
 
[ System Events ]
Error - 16.11.2010 08:29:21 | Computer Name = IRA-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 11, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 16.11.2010 08:31:19 | Computer Name = IRA-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 16.11.2010 08:31:19 | Computer Name = IRA-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 16.11.2010 13:45:11 | Computer Name = IRA-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 16.11.2010 13:45:11 | Computer Name = IRA-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 16.11.2010 13:45:11 | Computer Name = IRA-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 16.11.2010 14:03:28 | Computer Name = IRA-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 12, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 16.11.2010 14:03:28 | Computer Name = IRA-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 13, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 16.11.2010 14:03:28 | Computer Name = IRA-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 14, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 16.11.2010 14:03:28 | Computer Name = IRA-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 11, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
 
< End of report >
         

Alt 17.11.2010, 13:21   #17
lilwhoa
 
Misteriöse Viren/Backdoor Trojaner - Standard

Misteriöse Viren/Backdoor Trojaner



Kann mir jemand veraten ob ich fertig bin oder gibt es noch was zu tun ?
__________________


Alt 17.11.2010, 22:31   #18
Swisstreasure
/// Malwareteam
 
Misteriöse Viren/Backdoor Trojaner - Standard

Misteriöse Viren/Backdoor Trojaner



Wie läuft es dann zur Zeit? Wir sind noch nicht ganz durch.
Ich werde mich morgen wieder melden. Liege krank im Bett und mag kaum in den Bildschirm schauen
__________________

Alt 18.11.2010, 13:21   #19
lilwhoa
 
Misteriöse Viren/Backdoor Trojaner - Standard

Misteriöse Viren/Backdoor Trojaner



Der Rechner läuft gut und wechselt nicht mehr zu diesen unseriösen Seiten.
Okay, ich wünsche dir eine gute Besserung !

Alt 18.11.2010, 20:53   #20
Swisstreasure
/// Malwareteam
 
Misteriöse Viren/Backdoor Trojaner - Standard

Misteriöse Viren/Backdoor Trojaner



Schritt 1

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
  • Dein Anti-Virus-Programm während des Scans deaktivieren.

    Button (<< klick) drücken.
    • Firefox-User:
      Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User:
      müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Hacken bei Yes, i accept the Terms of Use.
  • Drücke den Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Scan archives".
  • Gehe sicher das bei Remove Found Threads kein Hacken gesetzt ist.
  • drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.

Schritt 2
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
  • Bitte während des Scans alle Hintergrundwächter abstellen/deaktivieren.
  • Java muss installiert, aktiv und erlaubt sein.
  • Bebilderte Anleitung von sundavis.
  • Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick.
  • Wir werden Dir helfen, die Funde manuell vom System zu entfernen.
  • Die Datenschutzerklärung akzeptieren.
  • Programm installieren lassen.
  • Update der Signaturen installieren lassen.
  • Wenn der Status "Complete" ist,
  • Scan-Einstellungen (Settings) Standard lassen
  • Links den Link "My Computer" anklicken.
  • Scan beginnt automatisch.
  • Wenn der Scan fertig ist, auf "View scan report" klicken,
  • "Save report as" und Dateityp auf .txt umstellen,
  • und auf dem Desktop als Kaspersky.txt speichern.
  • Logdatei hier posten.
  • Deinstallation ist nicht nötig, alle Dateien werden in temporären Ordnern gespeichert.


Antwort

Themen zu Misteriöse Viren/Backdoor Trojaner
antivir, antivir guard, avg, avira, backdoor, bho, bonjour, converter, desktop, firefox, hijack, hijackthis, internet, internet explorer, logfile, mozilla, mp3, pando media booster, plug-in, programdata, rundll, safer networking, security, security scan, server.exe, skype.exe, software, system, trojane, trojaner, viren, vista, windows



Ähnliche Themen: Misteriöse Viren/Backdoor Trojaner


  1. Trojaner und 2 Backdoor Viren entdeckt
    Plagegeister aller Art und deren Bekämpfung - 01.10.2013 (3)
  2. System bereinigen nach Backdoor.graybird / backdoor.rustock etc.
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (5)
  3. Misteriöse e-mail von: Deutsche Post !
    Diskussionsforum - 12.02.2013 (11)
  4. 25 Viren trojaner,exploit,backdoor server und andere
    Mülltonne - 15.11.2012 (0)
  5. backdoor.gen5 und weitere Viren
    Log-Analyse und Auswertung - 08.12.2011 (55)
  6. ständig neue "neue" viren TR/Dropper.Gen;TR/Crypt.XPACK.Gen;TR/Crypt.PEPM.Gen;BDS/Backdoor.Gen2...
    Plagegeister aller Art und deren Bekämpfung - 03.12.2010 (2)
  7. Trojaner, Backdoor u.a.
    Plagegeister aller Art und deren Bekämpfung - 18.07.2010 (8)
  8. Backdoor.Bot / Backdoor.Gootkit / Malware.Trace -> HiJackThis + Malwarebytes logfile
    Log-Analyse und Auswertung - 02.07.2010 (6)
  9. Backdoor 32 Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 23.07.2009 (8)
  10. AntiVir kann Viren nicht löschen u.a. BDS/backdoor
    Plagegeister aller Art und deren Bekämpfung - 27.03.2009 (0)
  11. POPUPS und VERSCHIEDENE VIREN VIREN UND TROJANER !
    Mülltonne - 10.10.2008 (0)
  12. Wie erkenne ich backdoor viren?
    Plagegeister aller Art und deren Bekämpfung - 18.09.2008 (3)
  13. Trojaner Backdoor
    Log-Analyse und Auswertung - 19.08.2008 (16)
  14. Backdoor-Trojaner?
    Log-Analyse und Auswertung - 16.06.2007 (1)
  15. Backdoor/Trojaner
    Log-Analyse und Auswertung - 28.04.2006 (10)
  16. Backdoor - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 10.07.2005 (3)
  17. Trojaner - Backdoor
    Plagegeister aller Art und deren Bekämpfung - 11.03.2004 (6)

Zum Thema Misteriöse Viren/Backdoor Trojaner - OTL.txd: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 16.11.2010 21:47:31 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = c:\Users\INTERNET\Downloads Windows Vista Home Premium Edition (Version - Misteriöse Viren/Backdoor Trojaner...
Archiv
Du betrachtest: Misteriöse Viren/Backdoor Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.