Pests of all kinds and how to fight them: Cannot remove trojan "win32.katusha.o"! Windows 7

If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
Cannot remove trojan "win32.katusha.o"!

OK, and here are the OTL logs:

OTL.Txt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 16.12.2011 16:17:03 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\chrissi\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 44,62% Memory free 6,73 Gb Paging File | 3,97 Gb Available in Paging File | 58,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,42 Gb Total Space | 132,54 Gb Free Space | 57,02% Space Free | Partition Type: NTFS Drive E: | 231,87 Gb Total Space | 178,45 Gb Free Space | 76,96% Space Free | Partition Type: NTFS Drive F: | 55,96 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: CHRISSI-PC | User Name: chrissi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - E:\LoL-Replay-Recorder\LOLReplay\LOLRecorder.exe (LOL Replay) PRC - C:\Users\chrissi\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Riot Games\League of Legends\rads\solutions\lol_game_client_sln\releases\0.0.0.100\deploy\League of Legends.exe () PRC - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe () PRC - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.35\deploy\LoLLauncher.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.0.114\deploy\LolClient.exe (Adobe Systems Inc.) PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) PRC - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) PRC - C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe (IVT Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\RocketDock\RocketDock.exe () PRC - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) 
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) ========== Modules (No Company Name) ========== MOD - E:\LoL-Replay-Recorder\LOLReplay\LOLUtils.dll () MOD - C:\Riot Games\League of Legends\rads\solutions\lol_game_client_sln\releases\0.0.0.100\deploy\rads.dll () MOD - C:\Riot Games\League of Legends\rads\solutions\lol_game_client_sln\releases\0.0.0.100\deploy\League of Legends.exe () MOD - E:\LoL-Replay-Recorder\LOLReplay\Air.dll () MOD - E:\LoL-Replay-Recorder\LOLReplay\Launcher.dll () MOD - E:\LoL-Replay-Recorder\LOLReplay\Compression.dll () MOD - E:\LoL-Replay-Recorder\LOLReplay\Recorder.dll () MOD - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\22e853d2fe1435baa459685dee7ce7b7\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5aab9bc687029a908fc01473f8e5f77b\UIAutomationProvider.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4b4c359912c1241246f50a4c47dbab3c\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\a800035f1686fdb0b7a019b954a37cfe\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\6b2ee1fdc6a182722db04af9c3cd10c3\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e00630ec1e225a2376fdd430645e20f7\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8adb45c62e4c797bd4c706afe9e8bfb9\System.Core.ni.dll 
() MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\231b0b42eff55de5c7d7debe555c16b7\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\244632c797f8e7997b177a96806afa5c\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\525882eedcc1764d44cff3da55c1b047\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd2c727bcef2e019eb96c1145f423701\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll () MOD - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.35\deploy\LoLLauncher.exe () MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll () MOD - C:\Windows\System32\atitmpxx.dll () MOD - C:\Riot Games\League of Legends\rads\solutions\lol_game_client_sln\releases\0.0.0.100\deploy\util.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll () MOD - C:\Programme\RocketDock\RocketDock.exe () MOD - C:\Programme\RocketDock\RocketDock.dll () ========== Win32 Services (SafeList) ========== SRV - (TOSHIBA Bluetooth Service) -- File not found SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_b427739.dll () SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (BlueSoleilCS) -- C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) SRV - (BsHelpCS) -- C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe (IVT Corporation) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (LVUVC) Logitech Webcam 300(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (Advanced Micro Devices) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices) DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.) DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.) DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys () DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.) DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.) DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys (IVT Corporation.) DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.) 
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.) DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION) DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (BTNetFilter) -- C:\Programme\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys (IVT Corporation.) DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation) DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.) 
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.0&q=" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "de.search-results.com" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.1&q=" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.14 22:05:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.05 19:53:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chrissi\AppData\Roaming\mozilla\Extensions [2011.12.15 13:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions [2011.02.04 20:48:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} 
[2011.12.07 18:00:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.12.07 18:00:07 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.05.24 15:14:47 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\DTToolbar@toolbarnet.com [2011.05.24 15:14:48 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\engine@conduit.com [2011.04.27 20:55:10 | 000,000,000 | ---D | M] (vShare) -- C:\Users\chrissi\AppData\Roaming\mozilla\Firefox\Profiles\r5ioesar.default\extensions\vshare@toolbar [2011.04.14 09:22:10 | 000,000,873 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\conduit.xml [2011.05.23 19:34:06 | 000,002,342 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icq-search.xml [2011.05.17 08:55:20 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-1.xml [2011.08.16 19:53:06 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-10.xml [2011.08.18 19:37:16 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-11.xml [2011.09.02 15:47:50 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-12.xml [2011.09.07 15:52:40 | 000,000,950 | ---- | M] () -- 
C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-13.xml [2011.09.22 14:09:35 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-14.xml [2011.09.27 20:52:34 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-15.xml [2011.10.04 23:35:34 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-16.xml [2011.11.08 15:17:23 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-17.xml [2011.11.14 22:41:26 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-18.xml [2011.11.14 22:42:27 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-19.xml [2011.02.21 14:28:02 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-2.xml [2011.12.09 13:31:58 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-20.xml [2011.03.03 13:23:30 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-3.xml [2011.03.05 01:05:01 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-4.xml [2011.03.23 19:29:11 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-5.xml [2011.03.27 00:39:11 | 000,000,950 | ---- | M] () -- 
C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-6.xml [2011.05.29 13:48:36 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-7.xml [2011.07.04 10:04:31 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-8.xml [2011.07.15 22:40:50 | 000,000,950 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin-9.xml [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\icqplugin.xml [2011.04.27 20:55:28 | 000,001,583 | ---- | M] () -- C:\Users\chrissi\AppData\Roaming\Mozilla\Firefox\Profiles\r5ioesar.default\searchplugins\web-search.xml [2011.11.10 18:39:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.11.10 18:39:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011.11.14 22:05:52 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.29 02:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS 
File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent File not found O4 - HKCU..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe -silent File not found O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - Amazon.de: Günstige Preise bei Elektronik & Foto, DVD, Musik, Bücher, Games, Spielzeug & mehr File not found O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: 
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.33 83.169.185.97 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAFB8B9-39F3-4C5A-8B14-914E1FA4321D}: DhcpNameServer = 83.169.185.33 83.169.185.97 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB4876E1-60D9-4374-A2FB-29351A59450E}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\chrissi\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\chrissi\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.02.22 08:47:12 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{23290e40-e685-11df-aa0a-001c2583e192}\Shell - "" = AutoRun O33 - MountPoints2\{23290e40-e685-11df-aa0a-001c2583e192}\Shell\AutoRun\command - "" = L:\pushinst.exe O33 - 
MountPoints2\{ce9c7830-e67e-11df-a43c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ce9c7830-e67e-11df-a43c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\DWizard.exe -- [2011.03.08 10:02:08 | 001,046,912 | R--- | M] (D-Link Corp.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.16 16:13:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\chrissi\Desktop\OTL.exe
[2011.12.15 03:02:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.15 03:02:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.15 03:02:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.15 03:02:32 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.15 03:02:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.15 03:02:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.14 07:29:47 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.12.14 07:29:47 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.12.14 07:29:44 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.12.14 07:29:42 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.12.14 07:29:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.12.14 07:29:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.12.03 13:56:19 | 000,000,000 | ---D | C] -- C:\Users\chrissi\AppData\Roaming\Google
[2011.12.03 13:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.12.03 13:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.11.30 17:37:13 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.28 21:49:10 | 000,000,000 | ---D | C] -- C:\Users\chrissi\Documents\888poker
[2011.11.28 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\chrissi\Start Menu
[2011.11.28 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\chrissi\Application Data
[2011.11.28 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\chrissi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
[2011.11.28 21:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
[2011.11.28 21:48:23 | 000,000,000 | ---D | C] -- C:\Users\chrissi\AppData\Roaming\PacificPoker
[2011.11.28 21:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\PacificPoker
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.16 17:01:15 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.16 16:15:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\chrissi\Desktop\OTL.exe
[2011.12.16 15:44:36 | 000,005,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.16 15:44:36 | 000,005,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.16 15:25:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.12.16 14:01:05 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.16 13:54:01 | 000,000,961 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011.12.16 13:51:02 | 000,000,520 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2011.12.16 13:50:48 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.16 13:50:48 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.16 13:50:48 | 000,126,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.16 13:50:48 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.16 13:47:23 | 000,005,100 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI
[2011.12.16 13:47:23 | 000,000,102 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI
[2011.12.16 13:44:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.12.16 13:44:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.16 13:44:26 | 3487,039,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.16 13:44:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011.12.15 03:24:05 | 000,279,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.09 19:23:57 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.03 12:00:49 | 000,000,680 | ---- | M] () -- C:\Users\chrissi\AppData\Local\d3d9caps.dat
[2011.11.28 21:49:09 | 000,001,835 | ---- | M] () -- C:\Users\chrissi\Application Data\Microsoft\Internet Explorer\Quick Launch\888poker.lnk
[2011.11.23 14:37:27 | 002,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.11.18 21:40:54 | 000,003,763 | ---- | M] () -- C:\Windows\System32\SHORTCUT.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.28 21:49:09 | 000,001,835 | ---- | C] () -- C:\Users\chrissi\Application Data\Microsoft\Internet Explorer\Quick Launch\888poker.lnk
[2011.11.22 21:37:16 | 000,000,680 | ---- | C] () -- C:\Users\chrissi\AppData\Local\d3d9caps.dat
[2011.11.17 21:27:02 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.07.20 13:14:39 | 000,003,763 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI
[2011.07.20 13:14:29 | 000,000,520 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2011.07.20 13:14:26 | 000,005,100 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI
[2011.07.20 13:14:24 | 000,000,102 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI
[2011.07.20 13:09:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2011.06.06 20:31:22 | 000,029,696 | ---- | C] () -- C:\Windows\System32\SynCtrld.dll
[2011.05.18 16:18:32 | 002,771,968 | ---- | C] () -- C:\Windows\System32\wxmsw28u_core_vc_custom.dll
[2011.05.18 16:18:32 | 001,163,776 | ---- | C] () -- C:\Windows\System32\wxbase28u_vc_custom.dll
[2011.05.18 16:18:32 | 000,681,472 | ---- | C] () -- C:\Windows\System32\wxmsw28u_adv_vc_custom.dll
[2011.05.18 16:18:32 | 000,492,032 | ---- | C] () -- C:\Windows\System32\wxmsw28u_xrc_vc_custom.dll
[2011.05.18 16:18:32 | 000,470,528 | ---- | C] () -- C:\Windows\System32\wxmsw28u_html_vc_custom.dll
[2011.05.18 16:18:32 | 000,119,808 | ---- | C] () -- C:\Windows\System32\wxbase28u_net_vc_custom.dll
[2011.05.18 16:18:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\wxbase28u_xml_vc_custom.dll
[2011.05.18 10:51:11 | 000,000,136 | ---- | C] () -- C:\ProgramData\~29679352r
[2011.05.18 10:51:11 | 000,000,112 | ---- | C] () -- C:\ProgramData\~29679352
[2011.05.18 10:51:06 | 000,000,392 | ---- | C] () -- C:\ProgramData\29679352
[2011.04.24 14:58:29 | 000,029,239 | ---- | C] () -- C:\Users\chrissi\AppData\Roaming\UserTile.png
[2011.04.20 17:30:06 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.04.13 21:01:36 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.04.01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011.04.01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011.04.01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011.04.01 03:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.03.24 21:02:41 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.24 21:02:40 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.01.23 01:44:44 | 000,000,016 | ---- | C] () -- C:\Users\chrissi\AppData\Local\mxfilerelatedcache.mxc2
[2011.01.12 16:53:54 | 000,027,136 | ---- | C] () -- C:\Users\chrissi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 20:43:54 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010.11.27 20:48:31 | 000,000,016 | ---- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2010.11.15 14:08:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.11.14 20:45:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.11.14 20:45:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.07 16:28:31 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.07 15:55:14 | 000,000,016 | ---- | C] () -- C:\Users\chrissi\AppData\Roaming\mxfilerelatedcache.mxc2
[2010.11.05 19:19:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.29 02:13:06 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.05.07 18:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010.05.07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.09.07 14:42:42 | 000,000,961 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2009.09.02 08:39:46 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2009.06.17 13:02:46 | 000,029,192 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2007.09.14 09:27:05 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.09.14 09:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.09.14 08:40:24 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.14 07:25:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.09.14 07:24:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2006.12.05 12:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 16:33:31 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,126,054 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,279,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
< End of report >

And here is Extras.Txt:
OTL Logfile:
Code:
OTL Extras logfile created on: 16.12.2011 16:17:03 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\chrissi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 44,62% Memory free
6,73 Gb Paging File | 3,97 Gb Available in Paging File | 58,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,42 Gb Total Space | 132,54 Gb Free Space | 57,02% Space Free | Partition Type: NTFS
Drive E: | 231,87 Gb Total Space | 178,45 Gb Free Space | 76,96% Space Free | Partition Type: NTFS
Drive F: | 55,96 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: CHRISSI-PC | User Name: chrissi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064D277C-2B5E-495B-8BDF-4003ECAD095F}" = rport=139 | protocol=6 | dir=out | app=system |
"{084462B1-16AC-4FDC-9041-93B3B8D73DE6}" = rport=445 | protocol=6 | dir=out | app=system |
"{13031F3E-A711-49A5-9AE6-D05CA0D9E66F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13C13A6A-AAA2-47D3-8BD8-D21BA77E1062}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{248ACD20-6446-4D68-8712-F8B2E0B75DEF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29C0FB97-D42A-4C6E-A7A7-2C3B62CF5A66}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35CA62E4-07A4-4687-8B5C-7D1D7055AD78}" = lport=138 | protocol=17 | dir=in | app=system |
"{3C72AF5E-5D56-4080-B0A6-21E52A0A9A9D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3FA86441-5A8B-42BD-B5DA-5E33ED577C66}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{48B35770-35ED-46EF-BBC7-C7940DB709F0}" = lport=137 | protocol=17 | dir=in | app=system |
"{4EA3BA4F-9CD5-47AE-B05E-396110C72BC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4ED4E4B4-72A8-45A6-84DB-10923A5746C4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{52ED4731-8C11-4FC7-B8F9-08EE1B6F1812}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{537E24DE-FCD4-433B-91B8-7A99B1EC30E0}" = lport=445 | protocol=6 | dir=in | app=system |
"{66E0ACED-35CF-4635-9B55-1377ABAB012E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7AE1463E-6C81-48C1-8145-D94D1C58BC60}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{7BF7F4B2-C26B-4EFE-B0A6-DDECABD98C53}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7F16868E-C9A0-4065-B5FF-A908BE20626D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{84AC8888-F035-426E-8DC6-8829D4437EE0}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{8A1F645C-7D2B-402A-A99F-07AD8B56DB2D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9410A213-348C-42B2-9F2F-F67ED3CA3C16}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A0FCE890-F079-46E9-B183-CBADECD7C761}" = lport=139 | protocol=6 | dir=in | app=system |
"{A277DAB5-1EDF-4B88-BAC4-277DF78AC08E}" = rport=138 | protocol=17 | dir=out | app=system |
"{AA4E41E7-97F0-412E-95F7-A3DD3502B143}" = rport=137 | protocol=17 | dir=out | app=system |
"{AC254002-BB55-4AF2-A522-C9CE640998E4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B4843945-489A-4DB4-BF9A-34F1386CE0AF}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B49D5132-7AB9-4F82-BB74-3392B4CC22F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CC13D5BE-C47F-481A-B9F0-5144B14163A1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CD6D8D00-E03E-4924-95A1-420927185B01}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F269117A-991E-4D40-A3B2-AFCA56112B6B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{074737B2-409A-487D-9957-121CBD1EA48A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0851617E-5B0C-4A9A-AA60-B12EF63DA3AA}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{0A953E24-BF5A-4330-A6A7-709219C54E5E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0CEA3D9A-4C17-45B2-B135-87641E9EFDC2}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{1202C8D9-AE26-4544-A929-5648685D8B1B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1E8830FF-32D1-4AD2-B88F-F802E6EE7027}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{24A65FAB-9906-4B5F-BEEE-16DD1987F4E6}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{25733426-1A51-4E6B-8096-0234312AB94F}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{29DAF9D5-F42D-4B57-B5FA-DBD4DEA102B4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2ADECDCE-30CD-4E01-B0C6-228563F6D419}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2B6AC8D4-DE2D-49C7-BE48-C1716E44A26A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2C3E90DD-9075-4446-B54B-008C6C63FCA9}" = protocol=17 | dir=in | app=e:\lol\air\lolclient.exe |
"{2CE58316-76DF-44FD-AE80-7BC3971E2B72}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2CF6AE8A-37EB-4148-B245-8E285F065AA9}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{30FE187F-537A-456A-8968-8006F3E04C02}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{3B41FF2F-9247-43F8-A795-222B2E30A760}" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe |
"{49BF9886-405B-40E2-B0E2-2E663D5F8D2B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{4E627823-3D53-44F9-9A82-F7B2AA601DE3}" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe |
"{5237AE6F-A1FA-44FD-BD8B-8C7AC3A0A1D5}" = protocol=6 | dir=in | app=e:\lol\air\lolclient.exe |
"{56531CDF-DBBF-409C-9D6E-69C571D1EA61}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{56916305-0F5C-42A9-8CE5-ABD671F77715}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5969E05C-6116-4987-BE7D-0144ED667F1A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5A96F0B9-7DCB-490E-AB9C-7E110673628C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{5AD1CD0A-65E2-45CE-B16B-1D6BCE8E6C69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5BE5274C-25D3-4D7A-B605-40F4B1AE8EC8}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{603D2E58-DE8E-4DEC-9F54-59B5E8CACE6F}" = protocol=6 | dir=in | app=e:\neuer ordner\battlefield 3™\bf3.exe |
"{636CBEFE-2024-47DD-A11D-215A0A3B1FE4}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{65EB8D6D-9444-4987-BE67-CB2E0E0066F3}" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"{67471619-4D3F-4E02-ABFA-AEC27EDBC90C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{68F1B1D5-F84C-4405-8675-B19E37C40E47}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6ADF50DF-1D23-4E78-BF18-035FA7E9CE83}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{71C67CBF-194E-40BB-ACCB-DF55AFC7D45F}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{7B6CEAC2-3327-433B-A334-4AB4657AA083}" = protocol=17 | dir=in | app=e:\games\cod 4\iw3mp.exe |
"{7B93AFB9-47F4-43D5-BAF6-D6327B9BC456}" = protocol=17 | dir=in | app=c:\users\chrissi\appdata\local\akamai\netsession_win.exe |
"{80767071-7349-4059-8E75-B0BF99E230D7}" = protocol=6 | dir=in | app=c:\users\chrissi\appdata\local\akamai\netsession_win.exe |
"{81F6AF84-63B4-4B40-96DA-3A9A3D3B35F6}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{87BBB1B8-A344-4E0F-9233-6DF7546950E5}" = protocol=6 | dir=in | app=e:\games\cod 4\iw3mp.exe |
"{905D8CC2-E518-4F12-B938-8DE8A1D3E6C6}" = protocol=6 | dir=in | app=e:\lol\game\league of legends.exe |
"{957B2E8E-5EF8-42EF-969C-9EC58C56B6CB}" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.patch.exe |
"{9877DFCE-938D-41C4-9A89-E14797934772}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9DDDD455-E585-460A-A659-04BA89C7E776}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{A34F5E76-C9C4-4FD3-ABFF-62BF437416A4}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{A8D17BA6-35A9-4289-AE54-4808161D8CA8}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{ADAFA745-2C4D-4A49-84F7-3D24F5A60F79}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{ADFF0A6D-DC66-4531-A5B0-66B2B0AD1B42}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AFFC792F-BAFF-48DB-8DBE-0800B7D6B698}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B1F6F35B-474C-4F70-B625-578E128AD749}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B64F4DB8-E6F7-4089-8D25-E71A241C058A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C0A12C6B-C9D3-43F7-96FB-A807FF73F2F7}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{C8D6DECF-69BB-4DF4-B8E0-A1EA84A65CED}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{CD83C0C6-8056-46BE-B2A4-BCFE354C8BAA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D0F786F7-3433-41BA-9235-3BD8B3331663}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D32C5F1B-109C-4A68-87CA-0091A65A16D0}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{D79FC7A6-B87D-40A3-B01B-801771E2DEB6}" = protocol=17 | dir=in | app=e:\lol\game\league of legends.exe |
"{DAD9539C-7631-4546-93FE-EEAA6F0FFA78}" = protocol=17 | dir=in | app=e:\neuer ordner\battlefield 3™\bf3.exe |
"{DE23916D-4CED-491D-9620-8A8E5AC722F6}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{E163CE18-BEF9-4D5B-B645-342DB0EB70CB}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E39BA6BA-BE23-4454-B239-AFAD66FDD48C}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{FF13099D-C70A-46FE-B917-B02B44AA5B75}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"TCP Query User{15A2863C-B2E3-4049-96A2-D95DE50EF82B}E:\lol-recorder\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=e:\lol-recorder\lolreplay\lolreplay.exe |
"TCP Query User{165FE0D7-B93F-4206-879C-B0D97823B8FE}C:\users\chrissi\downloads\runes_of_magic_4_0_1_2430_eu_full.exe" = protocol=6 | dir=in | app=c:\users\chrissi\downloads\runes_of_magic_4_0_1_2430_eu_full.exe |
"TCP Query User{28AC6C9D-B224-4EB8-A9D5-5E7FAC0C5D8C}E:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"TCP Query User{6D26FBB5-CB46-48C9-A24A-8A7624261F12}E:\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"TCP Query User{78BBB590-115D-4194-B4FC-254AD2CECF48}C:\wolfteam\wolfteam.bin" = protocol=6 | dir=in | app=c:\wolfteam\wolfteam.bin |
"TCP Query User{7A87285C-22DF-406D-BDD4-E8DCAAA89F07}E:\lol-replay-recorder\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=e:\lol-replay-recorder\lolreplay\lolreplay.exe |
"TCP Query User{7DC47451-5A96-4190-97C9-37204E30AF4E}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe |
"TCP Query User{8F3586E6-433B-42EB-BF4F-DCC0A98386D8}E:\cod\cod !\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=e:\cod\cod !\call of duty black ops\blackops.exe |
"TCP Query User{935F9038-BAEF-43BD-9AB2-FD5BA8AA5387}E:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe |
"TCP Query User{938A6979-E1FC-4923-B608-81C8EF58DD65}E:\games\ut\system\unrealtournament.exe" = protocol=6 | dir=in | app=e:\games\ut\system\unrealtournament.exe |
"TCP Query User{986570D6-D4BA-4991-8900-49C18DC8BDB1}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{B0E8905C-E2E9-42B7-ABCF-749EBEF79CD2}E:\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"TCP Query User{C6B07E16-BA0F-46E6-8288-5A4534C430B2}E:\games\css\hl2.exe" = protocol=6 | dir=in | app=e:\games\css\hl2.exe |
"TCP Query User{C6E7FFE9-4867-4EE4-AF70-50E82331C90E}E:\lol.launcher.exe" = protocol=6 | dir=in | app=e:\lol.launcher.exe |
"TCP Query User{D58BB7FD-EAD3-410D-A1D8-D34A03FFE8A9}C:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"TCP Query User{E107C792-255C-4B6D-B02A-0AA8D3491CAD}C:\program files\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"TCP Query User{EB1AC76D-0928-473B-AA9E-A31F0BB1E20C}E:\games\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=e:\games\stronghold crusader\stronghold crusader.exe |
"TCP Query User{EB1AECC5-6940-42EC-8514-EE2C50B4A60F}E:\games\metin2\metin2.bin" = protocol=6 | dir=in | app=e:\games\metin2\metin2.bin |
"UDP Query User{05924FCB-9496-4A6A-8EF3-A05D6BF3C24B}E:\lol-replay-recorder\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=e:\lol-replay-recorder\lolreplay\lolreplay.exe |
"UDP Query User{0D7C2E51-B0F6-48B9-B0E5-57F737E57BC1}E:\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"UDP Query User{3679ACF5-D3D0-4D60-80CA-58109A0A679B}E:\games\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=e:\games\stronghold crusader\stronghold crusader.exe |
"UDP Query User{39199FB0-FB18-44EF-8E49-2F8748717A38}E:\lol.launcher.exe" = protocol=17 | dir=in | app=e:\lol.launcher.exe |
"UDP Query User{4D4687FE-DA70-44CF-9D72-1C2619D3F8EE}C:\wolfteam\wolfteam.bin" = protocol=17 | dir=in | app=c:\wolfteam\wolfteam.bin |
"UDP Query User{5A573AC6-E6BB-4605-9CD9-6536B589BF0E}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{5A7C18C0-7D10-4E17-AC23-86688378DA3C}C:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"UDP Query User{6FC7088E-28C9-4058-8E32-FF89A6435349}E:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe |
"UDP Query User{7456844D-FF1C-4EC5-BDB9-708E13DAA7F6}E:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"UDP Query User{75A4774C-A191-4392-BC42-1BE266324731}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe |
"UDP Query User{8296B8C3-35E5-407B-A693-3B529A89A1C9}E:\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=e:\world of warcraft\blizzard downloader.exe |
"UDP Query User{95E46AB0-F41D-42A3-9AE1-CC8E07FFED33}C:\users\chrissi\downloads\runes_of_magic_4_0_1_2430_eu_full.exe" = protocol=17 | dir=in | app=c:\users\chrissi\downloads\runes_of_magic_4_0_1_2430_eu_full.exe |
"UDP Query User{AA4B7932-B010-4434-A0A6-6E620A670B5B}E:\lol-recorder\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=e:\lol-recorder\lolreplay\lolreplay.exe |
"UDP Query User{C7327AA3-7D4F-4E16-9AAC-835CFEC0026B}E:\games\metin2\metin2.bin" = protocol=17 | dir=in | app=e:\games\metin2\metin2.bin |
"UDP Query User{CA13CD93-FC2D-4FE5-875E-D5164394AF49}C:\program files\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"UDP Query User{E0782B51-7C83-4C09-AE23-A35B45A9DBD6}E:\cod\cod !\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=e:\cod\cod !\call of duty black ops\blackops.exe |
"UDP Query User{E9B8EB43-5404-4562-AD9F-14A6D0C2FFFA}E:\games\ut\system\unrealtournament.exe" = protocol=17 | dir=in | app=e:\games\ut\system\unrealtournament.exe |
"UDP Query User{ED8F4D3E-69F2-40CB-B826-819E8EEF4DAC}E:\games\css\hl2.exe" = protocol=17 | dir=in | app=e:\games\css\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7AAD31-0E7F-8330-5BDF-C6D6465E62C2}" = CCC Help Swedish
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{129FC9F8-206B-4C29-9B45-8D53B10EC6C7}" = xVideoServiceThief
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25887983-54F3-4F55-A7C5-91229AD67C16}" = Bluesoleil 5.4.277.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{2A43E9C5-0067-1F86-0F77-DD46F2F45ED8}" = CCC Help Polish
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{35B99438-30FE-1A05-A578-B4DCA5FFBBB2}" = CCC Help Chinese Traditional
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{40874EDE-B8A9-6A31-4A52-C288C324AE04}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D76D3E3-3670-E2E1-F076-9E9FA8F56EDD}" = CCC Help Korean
"{51B4514C-C575-9ED8-6712-C91285595B9F}" = CCC Help Italian
"{54D60FD0-ADAF-415A-8D65-9AB9681D4888}" = SanDisk ® Media Manager
"{55884B14-DB87-6F29-0FF4-A0D9B397D66B}" = CCC Help Norwegian
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{62EB454C-0F75-F3D1-B9A7-699697FCF786}" = CCC Help Danish
"{638F06F3-ADE3-0ABC-6AC5-B84C9333D881}" = CCC Help English
"{66CB1CC0-2D07-1F72-645B-37D67A8C5F7C}" = CCC Help Chinese Standard
"{67B71FB9-B707-E4A1-7F53-5DC9DB1B6659}" = CCC Help Portuguese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BD07FEF-356B-F42A-4D64-09705FBEEAF6}" = Catalyst Control Center Localization All
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{7A22584B-5E01-AB78-C592-83C048D84502}" = CCC Help Hungarian
"{82CFE8BE-7E1E-B4D3-7F72-4E2C4558A6BE}" = CCC Help Finnish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{840E5EC4-8D97-FC73-B2AF-8D16715AE063}" = CCC Help French
"{875B4BC4-9DCF-9F13-0276-90E42F51ABF5}" = CCC Help Greek
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{984700C4-F25E-28CD-42B6-6A383ACD3C5F}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2A9984E-4653-C01E-1940-DAABC39EEF83}" = ccc-utility
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A35DF9A4-0EAC-BC11-728C-5ED4E0FE8BA4}" = CCC Help Czech
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{AE9CEE97-0769-0459-73F3-6EF150A094F5}" = Catalyst Control Center Graphics Previews Common
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6C2A26A-71A6-6FE7-AC99-7EDB9B867D7F}" = CCC Help Turkish
"{BACBDBE8-5DAC-D47A-D2E3-E9FE6772DA1B}" = CCC Help Thai
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0EC7B14-C363-8FCF-728E-A94144B31518}" = AMD Catalyst Install Manager
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79122EB-CC8D-5F75-98DB-9A0D3EC138AE}" = AMD VISION Engine Control Center
"{DB42F91B-5E22-F0F5-6D99-55A7BC85B412}" = CCC Help Japanese
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E82B4787-A055-8A14-8FA9-A184197B0D27}" = AMD AVIVO Codecs
"{EE6CC1D0-C6A5-46F8-BBA5-84643A7E6FDC}" = CCC Help Russian
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B305E7-07AD-E146-0335-1973B9C39C29}" = AMD Fuel
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA8004A5-E87B-F61F-5619-31660A8DE97B}" = CCC Help Spanish
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"888poker" = 888poker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Daten-Retter_Daten-Retter_is1" = Daten-Retter
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Fraps" = Fraps
"Free Video Dub_is1" = Free Video Dub version 1.8.12.602
"Free Video to Nokia Phones Converter_is1" = Free Video to Nokia Phones Converter version 2.2.12.305
"hon" = Heroes of Newerth
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Logitech Vid" = Logitech Vid HD
"LOLReplay" = LOLReplay
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"myphotobook" = myphotobook 3.1
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.5
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WolfTeam-DE" = WolfTeam-DE
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"GeoGebra WebStart" = GeoGebra WebStart
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04.12.2011 12:01:25 | Computer Name = chrissi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe_Dnscache, Version 6.0.6001.18000,
Zeitstempel 0x47918b89, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel
0x4cb73436, Ausnahmecode 0xc0000008, Fehleroffset 0x00074548, Prozess-ID 0x660,
Anwendungsstartzeit 01ccb29dd0951a6d.
Error - 04.12.2011 13:01:43 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1468 Anfangszeit: 01ccb2a633047fdd Zeitpunkt
der Beendigung: 0
Error - 04.12.2011 13:07:30 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1190 Anfangszeit: 01ccb2a6f52d64fd Zeitpunkt
der Beendigung: 4
Error - 04.12.2011 13:07:36 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.6.0.5620 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 15e0 Anfangszeit: 01ccb2a6319d103d Zeitpunkt der Beendigung:
4
Error - 04.12.2011 13:13:44 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.6.0.5620 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 11b0 Anfangszeit: 01ccb2a73ab2067d Zeitpunkt der Beendigung:
10
Error - 04.12.2011 13:14:22 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1680 Anfangszeit: 01ccb2a8155f516d Zeitpunkt
der Beendigung: 3
Error - 04.12.2011 13:43:40 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.6.0.5620 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 113c Anfangszeit: 01ccb2ac0f75048d Zeitpunkt der Beendigung:
0
Error - 04.12.2011 13:43:53 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: d08 Anfangszeit: 01ccb2ac16dbcb0d Zeitpunkt
der Beendigung: 0
Error - 04.12.2011 13:44:03 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1200 Anfangszeit: 01ccb2ac4b6e694d Zeitpunkt
der Beendigung: 16
Error - 04.12.2011 13:45:02 | Computer Name = chrissi-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: e54 Anfangszeit: 01ccb2ac58bb518d Zeitpunkt
der Beendigung: 0
[ System Events ]
Error - 15.12.2011 14:19:42 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 15.12.2011 14:19:42 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 15.12.2011 14:19:42 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 15.12.2011 18:44:32 | Computer Name = chrissi-PC | Source = DCOM | ID = 10010
Description =
Error - 16.12.2011 08:44:48 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.12.2011 08:44:48 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.12.2011 08:44:48 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.12.2011 08:44:48 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.12.2011 08:44:57 | Computer Name = chrissi-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 16.12.2011 08:45:26 | Computer Name = chrissi-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
< End of report >