
Pests of all kinds and how to fight them: Trojan Agent3.OXX


 
20.06.2011, 12:57   #1
MC-Lenz
 

Help :> I can't get rid of it. I actually know my way around pretty well, but this crappy virus just won't go away :/ I've already tried everything =(( Can anyone help me???


The exe that keeps trying to start every 30 seconds is called kscpsvc.exe

OTL Logfile:
Code:
OTL logfile created on: 20.06.2011 14:04:27 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Alnop\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 54,47% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 75,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 27,95 Gb Free Space | 18,75% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 411,05 Gb Free Space | 44,13% Space Free | Partition Type: NTFS
 
Computer Name: HURE | User Name: Alnop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.20 14:04:01 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Alnop\Desktop\OTL.exe
PRC - [2011.05.19 08:42:20 | 004,265,472 | ---- | M] (SDU) -- C:\Program Files\SDUProtect\sdupsvc.exe
PRC - [2011.04.18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011.04.18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011.04.14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011.04.12 21:24:58 | 000,122,040 | ---- | M] (dotSyntax, LLC) -- C:\Program Files\Digsby\lib\digsby-app.exe
PRC - [2011.03.30 19:49:44 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.03.28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011.03.16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011.03.16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~2\AVG\AVG10\avgchsvx.exe
PRC - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011.02.08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~2\AVG\AVG10\avgrsx.exe
PRC - [2011.02.08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010.08.03 11:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2010.08.03 11:03:46 | 003,649,096 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2010.08.03 10:43:18 | 001,809,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
PRC - [2010.08.03 10:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.08.03 10:42:42 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2009.10.05 19:05:12 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009.07.13 02:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006.07.09 22:58:00 | 001,777,664 | ---- | M] (Idea2) -- C:\Program Files\Desktop Sidebar\dsidebar.exe
PRC - [2005.01.14 16:32:38 | 000,053,248 | ---- | M] () -- C:\Windows\System32\PAStiSvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.20 14:04:01 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Alnop\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (gupdate) Google Update Service (gupdate)
SRV - File not found [On_Demand | Stopped] --  -- (DAUpdaterSvc)
SRV - [2011.05.19 08:42:20 | 004,265,472 | ---- | M] (SDU) [Auto | Running] -- C:\Program Files\SDUProtect\sdupsvc.exe -- (sdupsvc)
SRV - [2011.05.10 13:29:01 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.03.30 19:45:32 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.06 20:32:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.07.13 02:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2005.01.14 16:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PAStiSvc.exe -- (STI Simulator)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.04.14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.04.05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.03.16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.03.01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.02.24 19:59:07 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.02.24 19:59:07 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.02.22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.02.10 11:22:58 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.02.10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.02.10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.01.07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.12.13 15:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010.11.20 14:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010.11.20 14:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010.11.20 12:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.07.12 05:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010.07.10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.06.19 00:41:25 | 000,002,996 | ---- | M] (Buzz) [Kernel | System | Running] -- C:\Windows\System32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2010.03.27 20:09:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.07 03:20:22 | 000,375,808 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187.sys -- (RTL8187)
DRV - [2009.11.23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009.11.23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 02:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)
DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009.05.19 17:22:43 | 001,872,192 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2007.04.11 15:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007.04.11 15:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007.03.16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2006.03.26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.18 18:48:38 | 000,154,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2003.12.24 12:43:42 | 000,256,512 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrv8k51.sys -- (W8100PCI)
DRV - [2003.10.15 19:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 59 E2 05 76 D7 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..keyword.URL: "hxxp://search.avg.com/route/?d=4d7aa835&v=6.011.025.001&i=26&tp=ab&iy=&ychte=de&lng=de&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.05.06 14:38:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.05.10 21:36:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.16 17:33:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.02 11:20:28 | 000,000,000 | ---D | M]
 
[2010.03.06 19:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alnop\AppData\Roaming\mozilla\Extensions
[2011.06.07 05:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions
[2011.06.07 05:04:58 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.15 17:46:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.03.24 19:28:50 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.22 03:15:47 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2011.03.25 02:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\ffxtlbr@Facemoods.com
[2011.04.16 17:37:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Alnop\AppData\Roaming\mozilla\Firefox\Profiles\2ivawqiy.default\extensions\vshare@toolbar
[2011.01.01 15:45:24 | 000,001,771 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\bing.xml
[2011.02.28 19:52:01 | 000,002,055 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\daemon-search.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\icqplugin.xml
[2011.01.01 15:45:24 | 000,001,357 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\kikin-search.xml
[2011.03.05 01:38:45 | 000,001,583 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\web-search.xml
[2011.01.01 15:45:24 | 000,002,854 | ---- | M] () -- C:\Users\Alnop\AppData\Roaming\Mozilla\Firefox\Profiles\2ivawqiy.default\searchplugins\world-of-warcraft-arsenal.xml
[2010.12.10 20:27:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.09.25 07:16:19 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files\mozilla firefox\extensions\YPlayer@yummy.net
[2011.04.16 17:33:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.16 17:33:31 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.16 17:33:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.16 17:33:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.16 17:33:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.11 11:38:33 | 000,429,948 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 14798 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Graphic Driver] C:\Users\Alnop\AppData\Roaming\0IhFWI82aQbz.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Desktop Sidebar\dsidebar.exe (Idea2)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alnop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7e0bbeaa-29d5-11df-ba08-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7e0bbeaa-29d5-11df-ba08-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{ee1eb885-2941-11df-9260-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ee1eb885-2941-11df-9260-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsvx.exe /sync) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsx.exe /sync /restart) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.20 14:04:01 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Alnop\Desktop\OTL.exe
[2011.06.17 14:32:44 | 000,000,000 | ---D | C] -- C:\Users\Alnop\Documents\Duke Nukem Forever
[2011.06.17 12:31:33 | 000,000,000 | ---D | C] -- C:\Users\Alnop\Desktop\SC-1.15.2-enGB
[2011.06.16 23:23:25 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.06.16 23:22:49 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.06.16 23:22:49 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.06.16 23:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.06.16 23:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2011.06.15 19:30:08 | 000,000,000 | ---D | C] -- C:\Users\Alnop\AppData\Roaming\vlc
[2011.06.15 19:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.06.07 08:25:15 | 000,000,000 | ---D | C] -- C:\Users\Alnop\AppData\Local\{5CE28D40-3DAD-4EA0-BB4A-475E157519C2}
[2011.06.07 05:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.06.07 05:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.06.07 05:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.06.07 05:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.05.29 05:50:36 | 000,000,000 | ---D | C] -- C:\temp
[2011.05.27 07:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.27 04:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Black
[2011.05.22 15:31:09 | 000,000,000 | ---D | C] -- C:\Windows\PixArt
[2011.05.21 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Alnop\AppData\Roaming\TheWorld
[2011.05.21 16:07:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.05.21 15:25:55 | 000,000,000 | ---D | C] -- C:\Users\Alnop\AppData\Roaming\The First Templar
[2011.05.21 15:21:11 | 000,000,000 | ---D | C] -- C:\Users\Alnop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kalypso Media
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.20 14:06:41 | 002,577,920 | ---- | M] () -- C:\Windows\System32\kscpsvc.exe
[2011.06.20 14:04:01 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Alnop\Desktop\OTL.exe
[2011.06.20 14:00:26 | 000,000,000 | ---- | M] () -- C:\Users\Alnop\AppData\Local\prvlcl.dat
[2011.06.20 13:52:56 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3504907097-3767979923-387567469-1001UA.job
[2011.06.20 13:51:50 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.20 13:51:50 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.20 13:43:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.20 12:59:34 | 119,248,602 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.06.18 22:33:29 | 000,698,006 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.18 22:33:29 | 000,651,988 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.18 22:33:29 | 000,148,062 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.18 22:33:29 | 000,120,920 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.18 22:31:31 | 000,174,496 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011.06.17 18:51:02 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3504907097-3767979923-387567469-1001Core.job
[2011.06.17 18:39:42 | 000,654,876 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011.06.16 23:22:36 | 000,002,140 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.06.16 17:26:31 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\Firstload.lnk
[2011.06.04 03:14:08 | 730,322,944 | ---- | M] () -- C:\Users\Alnop\Desktop\cis-priest.r5_xvid.avi
[2011.05.23 17:45:06 | 002,154,496 | RHS- | M] () -- C:\Users\Alnop\AppData\Roaming\0IhFWI82aQbz.exe
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.16 23:22:36 | 000,002,140 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.06.16 23:22:32 | 000,002,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.06.05 00:49:05 | 730,322,944 | ---- | C] () -- C:\Users\Alnop\Desktop\cis-priest.r5_xvid.avi
[2011.05.29 05:39:15 | 002,154,496 | RHS- | C] () -- C:\Users\Alnop\AppData\Roaming\0IhFWI82aQbz.exe
[2011.05.27 03:56:03 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.05.27 03:56:03 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.05.22 15:31:25 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PAStiSvc.exe
[2011.05.19 08:42:22 | 002,577,920 | ---- | C] () -- C:\Windows\System32\kscpsvc.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.12 14:02:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.03.12 14:01:08 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.05 05:00:55 | 000,000,384 | ---- | C] () -- C:\Windows\{27018D57-D152-44EF-BCE0-5E3B3445EABE}_WiseFW.ini
[2011.01.13 07:45:12 | 000,020,480 | ---- | C] () -- C:\Windows\System32\H@tKeysH@@k.DLL
[2011.01.01 16:28:58 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.12.05 18:35:58 | 000,022,328 | ---- | C] () -- C:\Users\Alnop\AppData\Roaming\PnkBstrK.sys
[2010.10.15 14:09:47 | 000,000,760 | ---- | C] () -- C:\Users\Alnop\AppData\Roaming\setup_ldm.iss
[2010.10.09 01:35:25 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.07.19 14:41:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2010.06.17 18:40:52 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2010.06.08 19:06:44 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.05.18 20:17:40 | 000,000,013 | ---- | C] () -- C:\Windows\7smp1_0.dll
[2010.05.16 06:46:48 | 000,088,280 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.05.15 17:31:43 | 000,000,000 | ---- | C] () -- C:\Users\Alnop\AppData\Local\prvlcl.dat
[2010.04.26 16:12:07 | 000,005,632 | ---- | C] () -- C:\Users\Alnop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.27 17:45:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.03.27 17:45:07 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.03.25 23:48:35 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010.03.12 11:25:00 | 000,544,768 | ---- | C] () -- C:\Windows\System32\Cmeaupci.exe
[2010.03.12 11:25:00 | 000,000,082 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2010.03.12 11:24:23 | 000,299,008 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2010.03.12 11:24:23 | 000,002,641 | ---- | C] () -- C:\Windows\cmudax3.ini
[2010.03.12 11:24:23 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2010.03.12 11:24:23 | 000,000,214 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2010.03.07 03:35:10 | 000,007,592 | ---- | C] () -- C:\Users\Alnop\AppData\Local\resmon.resmoncfg
[2010.03.06 22:13:28 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2010.03.06 22:13:28 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2010.03.06 22:13:28 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2010.03.06 19:33:07 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.07.14 10:47:43 | 000,698,006 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,148,062 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,265,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,651,988 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,120,920 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 02:07:46 | 000,025,448 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.12.02 05:48:42 | 000,078,336 | ---- | C] () -- C:\Windows\bcdedit.exe
 
========== LOP Check ==========
 
[2010.09.23 20:07:08 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\27BB2C556FAC6D11472349291965742D
[2010.07.23 02:37:34 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\AlcaTech
[2011.03.25 02:12:33 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\AVG
[2011.03.12 00:55:25 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\AVG10
[2011.02.04 04:51:19 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Azureus
[2011.03.19 02:49:54 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\bizarre creations
[2010.07.26 03:43:43 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Command and Conquer 4
[2010.03.28 01:39:52 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\DAEMON Tools Lite
[2011.06.19 17:16:34 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Desktop Sidebar
[2011.02.24 00:24:20 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Digital Red
[2010.10.15 17:42:15 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\DVDVideoSoft
[2011.03.24 19:28:50 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.18 02:38:22 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Firstload
[2011.05.09 03:29:05 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\GetRightToGo
[2010.04.29 06:17:21 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\GMX
[2011.06.18 23:52:08 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\ICQ
[2011.01.01 15:45:45 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\ICQ-Tools.de
[2011.02.26 18:48:42 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Kalypso Media
[2010.08.29 21:57:20 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Leadertech
[2011.05.20 16:44:24 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Lionhead Studios
[2010.05.12 20:28:56 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\LolClient
[2010.03.08 00:41:43 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.09.29 01:49:52 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\ManyCam
[2011.02.14 11:30:22 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\My Games
[2010.12.22 04:56:43 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\OCS
[2010.12.22 04:56:47 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Opera
[2010.08.01 07:32:10 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Process Hacker 2
[2010.07.10 13:29:04 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Publish Providers
[2011.05.13 13:10:43 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\PunkBuster
[2010.09.25 07:44:03 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Raptr
[2011.04.09 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Recorder
[2011.02.17 01:20:00 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Red Alert 3
[2010.07.26 06:39:52 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\runic games
[2011.03.22 21:29:28 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\SEGA Corporation
[2010.08.12 03:56:05 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Similarity
[2010.08.23 19:00:47 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Software Hildner
[2010.07.10 13:28:59 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Sony
[2010.03.26 15:38:19 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\temp
[2011.03.23 21:20:32 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\The Creative Assembly
[2011.05.21 15:50:04 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\The First Templar
[2011.05.21 20:44:25 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\TheWorld
[2011.06.17 16:19:47 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\TS3Client
[2010.11.24 20:00:21 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\TuneUp Software
[2010.07.20 04:27:34 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Tunngle
[2011.02.24 20:00:51 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\Ubisoft
[2011.05.08 21:28:29 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\UseNeXT
[2010.10.27 14:31:43 | 000,000,000 | ---D | M] -- C:\Users\Alnop\AppData\Roaming\WebMoney
[2011.04.23 22:20:14 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:CE2C623F
@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
 
< End of report >
         
--- --- ---


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 20.06.2011 14:04:27 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Alnop\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 54,47% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 75,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 27,95 Gb Free Space | 18,75% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 411,05 Gb Free Space | 44,13% Space Free | Partition Type: NTFS
 
Computer Name: HURE | User Name: Alnop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant *S-1-5-32-544:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{13C64D80-2447-4509-B98D-614CAF6A9D42}" = Damnation
"{1487C7D1-AFBC-6EA4-AD70-45AAC049DA74}" = Civilization IV
"{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Activision(R)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210160CD-F27D-469F-9982-41E900F6820E}" = Warhammer® Mark of Chaos
"{23DA4222-E517-42B3-8F97-9CFD49E2A732}" = AVG 2011
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{27018D57-D152-44EF-BCE0-5E3B3445EABE}" = X-Blades
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{442D5880-05B4-4DC8-A038-2EDA79FAE601}" = Warhammer Mark of Chaos Patch 1.72
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{66045325-25FA-41AF-A13B-3928B59EAA1E}_is1" = Dr Kawashima
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}" = LOST PLANET COLONIES
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}" = DUNGEONS
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E8242F8-BD2A-44D7-BCED-9B231A02B367}" = SpellForce 2 Patch
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die*Sims*Mittelalter
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{91D2C605-AD2B-44C8-A0A1-9B116B3C91CB}" = AVG 2011
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A92D7264-1A13-45BE-B769-88445DD04FD6}" = Desktop Sidebar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3D87264-EAC9-4DE8-8D0E-E758CA1413A0}_is1" = Disciples III
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BE98A2FE-F4DE-4083-BCB1-7E9E63A11E6E}" = Space Siege
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3C697E8-9183-4088-994C-2662166830BC}" = Damnation
"{CCE4507E-7D40-4AEB-84FC-A63C35666A94}" = KalOnline
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}" = Alpha Protocol
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASSP_is1" = All Star Strip Poker Girls at Work
"AVG" = AVG 2011
"Badaboom" = Badaboom 1.2.0.87
"Battle vs. Chess_is1" = Battle vs. Chess
"Brink_is1" = Brink
"Casebook Trilogy" = Casebook Trilogy 1.7
"Cities XL 2011" = Cities XL 2011
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"Cross Fire_is1" = Cross Fire En
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Deep Black_is1" = Deep Black
"Diablo II" = Diablo II
"Digsby" = Digsby
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"D-Link VGA Webcam" = D-Link VGA Webcam
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"Fallout New Vegas_is1" = Fallout New Vegas
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.03.008
"Firstload" = Firstload
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"GMX SMS-Manager" = GMX SMS-Manager
"ICQToolbar" = ICQ Toolbar
"InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Spider-Man(TM) - Dimensions
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"Just Cause 2_is1" = Just Cause 2
"Kings Bounty The Legend_is1" = Kings Bounty The Legend de
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Luxor Amun Rising Deluxe" = Luxor Amun Rising Deluxe (entfernen)
"Magicka_is1" = Magicka
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"OVERNEXT_is1" = OVERNEXT 1.0.32
"Postal 2_is1" = Portal 2
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 17520" = Synergy
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 30" = Day of Defeat
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 40" = Deathmatch Classic
"Steam App 500" = Left 4 Dead
"Steam App 60" = Ricochet
"Steam App 80" = Counter-Strike: Condition Zero
"STORM: Frontline Nation (c) Colossai Studio_is1" = STORM: Frontline Nation (c) Colossai Studio version 1
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Two Worlds II" = Two Worlds II
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.10
"Vtune_is1" = Vtune 7.6
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Zombie Driver" = Zombie Driver 1.0.3
"Zuma Deluxe" = Zuma Deluxe (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"NCsoft-Aion" = Aion (North America)
"The First Templar" = The First Templar 1.00
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Can someone please help me? I'm going crazy -.-

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:16 on 20/06/2011 (Alnop)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-

Please, can someone help me =( I'm trying everything possible to delete it from the registry key or system32, but it just recreates itself 100 times over, everywhere. My AVG is already going crazy and now pops up almost every 10 seconds, and then it has immediately recreated itself again... I've now run at least 10 different scanners and none of them can remove it... I'm about to lose it =((



Come on, please... I've been here since 2007 and never had problems with your support, it was always fast, but right now when it matters nobody is here.

 
