Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ich habe den sch..... 50€ Trojana auch

Ich habe den sch..... 50€ Trojana auch


Log-Analyse und Auswertung: Ich habe den sch..... 50€ Trojana auch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 30.12.2011, 14:34   #1
chrischi0908
 
Ich habe den sch..... 50€ Trojana auch - Standard

Ich habe den sch..... 50€ Trojana auch


Hallo zusammen.
Ich habe mir auch den 50 Euro-Virus eingefangen und hoffe das ihr mir weiterhelfen könnt

Alt 30.12.2011, 15:05   #2
chrischi0908
 
Ich habe den sch..... 50€ Trojana auch - Standard

Ich habe den sch..... 50€ Trojana auch


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.12.2011 14:54:25 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Christian\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 70,42% Memory free
7,46 Gb Paging File | 6,75 Gb Available in Paging File | 90,43% Paging File free
Paging file location(s): c:\pagefile.sys 4605 4605 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 67,54 Gb Free Space | 30,27% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Christian\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\LP\235D\215.exe ()
PRC - C:\Users\Christian\AppData\Roaming\D0353\8B623.exe ()
PRC - C:\Program Files\536C7\lvvm.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Opera\Opera.exe (Opera Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\LP\235D\215.exe ()
MOD - C:\Users\Christian\AppData\Roaming\D0353\8B623.exe ()
MOD - C:\Program Files\536C7\lvvm.exe ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Program Files\TotalAudioConverter\axTotalConverter.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (iPod Service) --  File not found
SRV - (Bonjour Service) --  File not found
SRV - (Apple Mobile Device) --  File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (Logitech, Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (IISADMIN) -- C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (MQAC) -- C:\Windows\System32\drivers\mqac.sys (Microsoft Corporation)
DRV - (i8042prt) -- C:\Windows\System32\drivers\i8042prt.sys ()
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
DRV - (PID_0928) Labtec WebCam(PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Labtec Inc.)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Labtec Inc.)
DRV - (ZSMC301b) -- C:\Windows\System32\drivers\usbVM31b.sys (VM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\InprocServer32 File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61273
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.03 19:29:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.03 19:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.25 01:06:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.25 01:06:35 | 000,000,000 | ---D | M]
 
[2010.10.23 12:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2010.10.23 12:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.12.30 14:45:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions
[2010.05.06 12:54:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.01 13:38:39 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
[2011.12.18 12:47:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.12.30 08:24:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.22 20:45:34 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.25 16:57:13 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010.03.12 17:32:07 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2011.12.01 13:38:37 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.11.26 12:40:45 | 000,000,000 | ---D | M] (Toolbar für amazon.de) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\0001.amztoolbar@minimalarts.de
[2011.12.18 12:47:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\anttoolbar@ant.com
[2011.05.03 19:29:16 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\DTToolbar@toolbarnet.com
[2011.05.03 19:28:17 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\engine@conduit.com
[2011.08.27 17:51:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\ffxtlbr@babylon.com
[2011.09.03 11:26:06 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\ffxtlbr@Facemoods.com
[2010.03.14 09:00:44 | 000,000,000 | ---D | M] (Convyconv Youtube Downloader) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\info@convyconv.com
[2011.12.30 14:45:22 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\vrwf8izn.default\extensions\piclens@cooliris.com
[2010.12.27 11:26:11 | 000,002,059 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\daemon-search.xml
[2011.12.30 08:22:35 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin-1.xml
[2010.06.27 12:42:06 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin-2.xml
[2010.07.11 12:24:42 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin-3.xml
[2010.07.25 07:49:56 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin-4.xml
[2010.08.17 10:19:49 | 000,000,950 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin-5.xml
[2010.04.04 19:23:01 | 000,000,947 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\vrwf8izn.default\searchplugins\icqplugin.xml
[2011.12.11 21:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.03.14 18:59:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.29 14:33:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.31 09:36:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.16 16:05:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.21 17:48:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.09 19:11:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.11.16 16:00:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VRWF8IZN.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
[2011.10.03 11:32:39 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.06 14:20:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.22 19:20:05 | 000,002,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.05.06 14:20:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.06 14:20:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.03 11:26:07 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.03.17 11:34:54 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011.05.06 14:20:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.06 14:20:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.06 14:20:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: DivX HiQ = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Facemoods = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll File not found
O2 - BHO: (no name) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll File not found
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll File not found
O4 - HKLM..\Run: [215.exe] C:\Program Files\LP\235D\215.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [215.exe] C:\Users\Christian\AppData\Roaming\Microsoft\235D\215.exe ()
O4 - HKCU..\Run: [iexploer.exe] C:\Users\Christian\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe ()
O4 - HKCU..\Run: [NexonEULauncher]  File not found
O4 - HKCU..\Run: [PlayNC Launcher]  File not found
F3 - HKCU WinNT: Load - (C:\Users\Christian\AppData\Roaming\536C7\lvvm.exe) -C:\Users\Christian\AppData\Roaming\536C7\lvvm.exe ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B674C53-F8B4-4F48-9987-4E575CC47898}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4975E95-BB39-4903-885A-E15B64E855F2}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Christian\AppData\Roaming\D0353\8B623.exe) -C:\Users\Christian\AppData\Roaming\D0353\8B623.exe ()
O24 - Desktop WallPaper: C:\Users\Christian\Pictures\galaxy_1920_x_1200_widescreen-1280x800.bmp
O24 - Desktop BackupWallPaper: C:\Users\Christian\Pictures\galaxy_1920_x_1200_widescreen-1280x800.bmp
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8c0becd4-4acb-11df-b38a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8c0becd4-4acb-11df-b38a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{a9575398-a946-11df-8a7d-0022158b6235}\Shell - "" = AutoRun
O33 - MountPoints2\{a9575398-a946-11df-8a7d-0022158b6235}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{a9575398-a946-11df-8a7d-0022158b6235}\Shell\setup\command - "" = D:\autorun.exe
O33 - MountPoints2\{e5f24fc9-313e-11df-b200-0022158b6235}\Shell\Auto\command - "" = H:\Start.exe
O33 - MountPoints2\{e5f24fc9-313e-11df-b200-0022158b6235}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe
O33 - MountPoints2\{f273c5e1-4b84-11df-8329-0022158b6235}\Shell - "" = AutoRun
O33 - MountPoints2\{f273c5e1-4b84-11df-8329-0022158b6235}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\H\Shell\Auto\command - "" = H:\Start.exe
O33 - MountPoints2\H\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2011.12.30 14:05:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Avira
[2011.12.30 14:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.30 14:05:06 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.12.30 14:05:05 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.30 14:05:05 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.12.30 14:05:05 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.30 08:09:42 | 000,000,000 | ---D | C] -- C:\Program Files\536C7
[2011.12.30 07:51:42 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011.12.30 07:36:15 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\LimeRunner
[2011.12.30 07:34:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\536C7
[2011.12.30 07:33:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\D0353
[2011.12.25 20:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2011.12.25 20:13:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2011.12.25 20:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike Source
[2011.12.25 11:15:35 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\GZWO
[2011.12.25 01:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.25 01:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.25 01:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.12.25 01:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.12.24 19:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.12.24 19:52:04 | 000,606,552 | ---- | C] (Google Inc.) -- C:\silkroad\Silkroad\RD\Documents\GoogleEarthPluginSetup.exe
[2011.12.22 20:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.12.22 20:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.12.22 20:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.12.22 20:45:18 | 000,000,000 | ---D | C] -- C:\silkroad\Silkroad\RD\Documents\DVDVideoSoft
[2011.12.22 20:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2011.12.18 11:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\Silkroad
[2011.12.18 10:10:19 | 000,000,000 | ---D | C] -- C:\silkroad
[2011.12.15 21:47:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guild Wars
[2011.12.11 12:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\thrixxx
[2011.12.05 18:10:58 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2011.12.04 13:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\dbg
[2011.12.02 12:22:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.12.02 12:22:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.12.02 12:22:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.12.02 12:22:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.12.02 12:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2011.12.01 13:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.01 13:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011.12.01 13:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.12.01 13:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.12.01 09:08:04 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.12.01 09:02:54 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\22f251db
[2011.12.01 00:03:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2011.12.01 00:03:47 | 000,000,000 | ---D | C] -- C:\inetpub
[2010.03.07 16:34:23 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2011.12.30 14:45:52 | 000,001,356 | ---- | M] () -- C:\Users\Christian\AppData\Local\d3d9caps.dat
[2011.12.30 14:09:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.30 14:06:49 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.30 14:06:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.30 14:06:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.30 14:05:20 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.30 13:54:18 | 000,729,464 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.30 13:54:18 | 000,680,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.30 13:54:18 | 000,163,540 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.30 13:54:18 | 000,134,032 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.30 13:54:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.30 13:43:05 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011.12.30 13:41:07 | 000,286,208 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\opera.exe
[2011.12.30 13:00:44 | 000,286,208 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\wmplayer.exe
[2011.12.30 12:38:36 | 000,299,008 | RHS- | M] () -- C:\Users\Christian\wkhim.exe
[2011.12.30 09:26:21 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2011.12.30 09:09:39 | 000,000,017 | ---- | M] () -- C:\Users\Christian\html.html
[2011.12.30 09:04:00 | 000,299,008 | RHS- | M] () -- C:\Users\Christian\faufue.exe
[2011.12.30 08:56:49 | 000,286,208 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\X
[2011.12.30 08:31:37 | 000,299,008 | RHS- | M] () -- C:\Users\Christian\vuumu.exe
[2011.12.30 08:17:05 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.12.27 22:18:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.27 17:06:40 | 000,000,566 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Christian.job
[2011.12.26 16:41:50 | 284,188,316 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.12.26 14:58:49 | 000,000,803 | ---- | M] () -- C:\Users\Christian\Desktop\Steam.lnk
[2011.12.26 10:25:44 | 000,000,213 | ---- | M] () -- C:\Users\Christian\Desktop\Day of Defeat Source.url
[2011.12.25 20:13:39 | 000,162,546 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\fy_iceworld2k9.zip
[2011.12.25 20:13:25 | 000,001,815 | ---- | M] () -- C:\Users\Christian\Desktop\Counter-Strike Source.lnk
[2011.12.25 04:36:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011.12.25 01:16:15 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.25 01:06:26 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.12.24 19:52:04 | 000,606,552 | ---- | M] (Google Inc.) -- C:\silkroad\Silkroad\RD\Documents\GoogleEarthPluginSetup.exe
[2011.12.24 12:24:28 | 000,124,416 | ---- | M] () -- C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.23 17:25:02 | 000,001,826 | ---- | M] () -- C:\Users\Christian\Desktop\Counter Strike Source 2010 - Verknüpfung.lnk
[2011.12.23 16:12:13 | 013,534,017 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\SilkroadOnline_GlobalOfficial_v1_337(for_v1_334_336).exe
[2011.12.22 20:15:06 | 000,765,415 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\messier-81-spiral-galaxy-1685-1920x1080.jpg
[2011.12.22 20:10:18 | 002,870,803 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\the-milky-way-galaxy-1920_0.jpg
[2011.12.18 13:04:20 | 009,640,126 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\SBot_1.99.21a2.zip
[2011.12.18 11:45:01 | 000,001,677 | ---- | M] () -- C:\Users\Christian\Desktop\Silkroad.lnk
[2011.12.18 11:08:25 | 1753,568,895 | ---- | M] () -- C:\silkroad\Silkroad\RD\Documents\SilkroadOnline_GlobalOfficial_v1_334_LEGEND_8.exe
[2011.12.15 21:47:55 | 000,001,607 | ---- | M] () -- C:\Users\Christian\Desktop\Guild Wars.lnk
[2011.12.15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.12.15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.12.05 18:30:49 | 000,036,892 | ---- | M] () -- C:\Windows\System32\bassmod.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.30 14:05:20 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.30 13:42:31 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.12.30 12:38:36 | 000,299,008 | RHS- | C] () -- C:\Users\Christian\wkhim.exe
[2011.12.30 09:09:45 | 000,286,208 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\opera.exe
[2011.12.30 09:04:00 | 000,299,008 | RHS- | C] () -- C:\Users\Christian\faufue.exe
[2011.12.30 08:31:37 | 000,299,008 | RHS- | C] () -- C:\Users\Christian\vuumu.exe
[2011.12.30 08:30:17 | 000,286,208 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\wmplayer.exe
[2011.12.30 08:17:05 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.12.30 07:49:05 | 000,000,017 | ---- | C] () -- C:\Users\Christian\html.html
[2011.12.30 07:34:24 | 000,286,208 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\X
[2011.12.26 14:58:49 | 000,000,803 | ---- | C] () -- C:\Users\Christian\Desktop\Steam.lnk
[2011.12.26 10:25:44 | 000,000,213 | ---- | C] () -- C:\Users\Christian\Desktop\Day of Defeat Source.url
[2011.12.25 20:13:39 | 000,162,546 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\fy_iceworld2k9.zip
[2011.12.25 20:13:25 | 000,001,815 | ---- | C] () -- C:\Users\Christian\Desktop\Counter-Strike Source.lnk
[2011.12.25 01:16:15 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.25 01:06:26 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.12.23 17:25:02 | 000,001,826 | ---- | C] () -- C:\Users\Christian\Desktop\Counter Strike Source 2010 - Verknüpfung.lnk
[2011.12.23 16:12:09 | 013,534,017 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\SilkroadOnline_GlobalOfficial_v1_337(for_v1_334_336).exe
[2011.12.22 20:15:06 | 000,765,415 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\messier-81-spiral-galaxy-1685-1920x1080.jpg
[2011.12.22 20:10:18 | 002,870,803 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\the-milky-way-galaxy-1920_0.jpg
[2011.12.18 14:27:02 | 284,188,316 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.12.18 13:04:17 | 009,640,126 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\SBot_1.99.21a2.zip
[2011.12.18 11:02:13 | 000,029,696 | -HS- | C] () -- C:\Users\Christian\lsass.exe
[2011.12.18 10:18:31 | 1753,568,895 | ---- | C] () -- C:\silkroad\Silkroad\RD\Documents\SilkroadOnline_GlobalOfficial_v1_334_LEGEND_8.exe
[2011.12.15 21:47:55 | 000,001,607 | ---- | C] () -- C:\Users\Christian\Desktop\Guild Wars.lnk
[2011.12.05 18:25:37 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011.10.26 02:20:30 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.08.30 15:33:12 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.07.04 18:05:39 | 000,000,552 | ---- | C] () -- C:\Users\Christian\AppData\Local\d3d8caps.dat
[2011.05.24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.05.08 16:23:56 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.05.08 16:23:20 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.05.08 16:23:14 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.08.27 16:58:29 | 000,000,000 | ---- | C] () -- C:\Windows\Aion_09.ini
[2010.08.27 16:56:58 | 000,000,000 | ---- | C] () -- C:\Windows\Aion_03.ini
[2010.08.27 16:54:41 | 000,000,000 | ---- | C] () -- C:\Windows\Aion_07.ini
[2010.08.16 18:24:27 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.08.16 18:24:27 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.06.29 17:15:09 | 000,042,810 | ---- | C] () -- C:\Windows\System32\items.dat
[2010.06.20 18:05:29 | 000,001,356 | ---- | C] () -- C:\Users\Christian\AppData\Local\d3d9caps.dat
[2010.04.20 15:35:05 | 000,023,888 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\UserTile.png
[2010.04.19 07:37:24 | 000,327,168 | ---- | C] () -- C:\Windows\System32\cutil32.dll
[2010.04.13 16:55:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.04.13 16:55:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.04.10 20:53:34 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.03.20 16:51:49 | 000,124,416 | ---- | C] () -- C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.14 19:00:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.09 04:33:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.03.08 02:01:55 | 000,081,920 | ---- | C] () -- C:\Windows\PGMONITOR.EXE
[2010.03.08 02:01:50 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010.03.08 02:01:48 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010.03.08 01:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.04.16 12:11:34 | 000,729,464 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,163,540 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.01.21 03:23:20 | 000,054,784 | ---- | C] () -- C:\Windows\System32\drivers\i8042prt.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,234,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 13:35:28 | 000,000,041 | ---- | C] () -- C:\Windows\System32\mqtgsvc.exe.cfg
[2006.11.02 11:33:01 | 000,680,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,134,032 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.01.19 09:30:54 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2011.06.06 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\.minecraft
[2011.12.30 07:35:08 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\536C7
[2011.04.22 19:29:05 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\AlcaTech
[2011.04.10 11:07:12 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Atari
[2011.10.26 17:15:05 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Azureus
[2010.06.20 07:07:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.12.30 13:20:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\D0353
[2011.12.18 11:03:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
[2011.10.26 17:15:17 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DAEMON Tools Pro
[2011.12.22 20:45:43 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoft
[2011.08.02 16:40:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.18 17:50:41 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\elsterformular
[2010.05.31 16:40:39 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FlashGet
[2010.09.26 17:28:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GrabPro
[2011.01.08 16:45:42 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Leadertech
[2011.12.30 09:11:13 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\LimeRunner
[2011.12.05 18:11:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2011.11.15 18:20:52 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Opera
[2010.09.26 17:29:06 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Orbit
[2010.04.20 15:35:05 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PeerNetworking
[2011.11.26 12:40:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\phonostar GmbH
[2010.05.23 14:42:39 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Playrix Entertainment
[2010.09.26 17:28:41 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ProgSense
[2011.09.15 11:12:17 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ProtectDISC
[2010.07.06 20:04:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Rapid Evolution 2
[2011.09.15 09:25:26 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\RIFT
[2011.08.23 18:26:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\SecondLife
[2011.04.24 12:18:13 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Softplicity
[2010.03.07 19:25:30 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TeamViewer
[2011.12.12 19:42:24 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TS3Client
[2011.11.05 00:16:47 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ts3overlay
[2011.11.09 19:19:09 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TSNotifier
[2011.12.02 12:12:01 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Ubisoft
[2010.09.26 17:28:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Uniblue
[2011.03.23 07:35:09 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Valuga Software
[2011.03.20 15:57:30 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\XRay Engine
[2011.12.30 13:43:05 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.25 04:36:00 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011.12.30 13:54:05 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.09.19 04:38:39 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7E116413-7AA2-47BA-9793-9A0CA913065F}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
__________________
Alt 30.12.2011, 15:06   #3
chrischi0908
 
Ich habe den sch..... 50€ Trojana auch - Standard

Ich habe den sch..... 50€ Trojana auch


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.12.2011 14:54:25 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Christian\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 70,42% Memory free
7,46 Gb Paging File | 6,75 Gb Available in Paging File | 90,43% Paging File free
Paging file location(s): c:\pagefile.sys 4605 4605 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 67,54 Gb Free Space | 30,27% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B6A4FD-CD29-494F-8A3B-FE98276F0FA1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{09CB01D0-F066-4020-9734-2FE6A269DF20}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{15226F4D-130E-4088-AA49-D34BDB3A675A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{17C1171F-AA99-48D6-A05F-638C6368DC0E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{39652901-A6C7-455F-8972-BCC7B2CDB32B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{400E5998-FD4E-4A7F-82EB-9AA95E910CA2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{44BAD001-C7F7-495A-BB59-1D814F7DE2C2}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4A4B27DB-9E96-4970-B2CF-91BE69C89C27}" = lport=137 | protocol=17 | dir=in | app=system | 
"{56375F7D-D08D-4479-B3B0-46F2F735F0F0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{60582CD3-BAD1-40BB-8B89-E1DD0F396EE0}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6AD6F345-995B-4F01-857B-C7A707D5CD38}" = rport=138 | protocol=17 | dir=out | app=system | 
"{712C2047-0960-47E3-82C9-305C7C319A06}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7B1144EA-24D5-4CE5-8ACE-B1685F290135}" = lport=139 | protocol=6 | dir=in | app=system | 
"{7E41BF0E-AD70-4481-BBAF-6F2FD3074906}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7E621D17-867E-4D61-B82A-2EA893E67EFB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{80772258-C969-44B6-B08E-79E4F614376D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{814C2075-40D6-475B-A338-3995DAF19CEE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{8BF5DA5B-DC01-4A3E-8429-3BBB596DCB56}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{A6DEFAF2-E25B-46F3-AC39-0991490C8571}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B479FC55-F304-412F-8D4D-44BA935E42C8}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{BB2568B7-8416-4D3D-A8CB-6A1E994B0D27}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C58A7BCD-5174-415B-9DEA-26BE08485B68}" = lport=445 | protocol=6 | dir=in | app=system | 
"{CB482A17-87B8-4546-AB03-959077904CD1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CF7B98A8-F865-4E25-B425-32491376CD50}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{CFA384E7-8F5E-432A-BAF6-D27C5D2BAA69}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D152189A-7C63-46A1-8099-5AAE1E9D1028}" = lport=138 | protocol=17 | dir=in | app=system | 
"{DD6B6B4D-C55C-4DDA-AD83-F42C0B599313}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E19BD1EE-D9D3-4B02-8D34-D4DE39097532}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E1B53713-E28B-4DD7-A6D6-1D052F9D62E5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EEF9A699-4404-4DCE-A232-6D10EFC7A24E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02493C4E-7D0C-40AC-AE5F-85ED7EBDADDB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{042C11EC-436E-4592-923F-E42EF5E702FA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{0597942B-F941-4BA0-9C61-F9195377EC0E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{07198516-A1F2-4E0A-917D-86ED268604CF}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{089289BF-48C6-459B-9114-CF8DBB9C7F44}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0A5C0289-E018-465A-A12C-39CEDEC193D3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{13B1E7F0-EA55-4CF2-8046-658821A632B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{13D5CA3D-FE2B-4DD1-AF0D-5ACCADD04FCB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1FD6A420-47A8-4AF0-B2C8-22407C2DEFEC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{2886F105-1816-436D-8597-2CCE1A3BAD01}" = protocol=6 | dir=in | app=c:\program files\qfg\dead island deluxe edition\deadislandgame.exe | 
"{38AD35C3-5097-4C83-AA32-D726878316AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{413B2A52-2692-417C-BA7C-FACE1C301232}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{510D6B0A-4315-419E-BDA2-5B0695ECE74E}" = protocol=17 | dir=in | app=c:\program files\qfg\dead island deluxe edition\deadislandgame.exe | 
"{58E3665E-B0E7-4460-A1C6-D9EA44189079}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{61F54463-C166-4E1E-BCA4-5B120420AEEE}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{71FE4485-56C0-4278-91A8-BA9E036A62FF}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{7426C62D-70B7-42F1-89D6-B54AFD2F11CF}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{79CD9E8B-A810-43AC-9DED-7815BE8AF353}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{7A35AC53-85B5-4C7D-82EB-147DBCB1D0AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8429F67F-BF20-488A-9359-C20E658F7C72}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A6C3642-86EF-48FE-8157-7E8C5640B0D5}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{8B54FB93-ACAF-4DEA-A00B-C30F511388B3}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe | 
"{930CF24B-1BB6-41B0-85DF-9B8F16BEE3C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{96218AE1-1C26-4B64-8028-E937D5D8F6B9}" = protocol=17 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{971D4BB6-804A-481B-BF8C-7B07A2DA507F}" = protocol=6 | dir=in | app=c:\program files\bitcomposer games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe | 
"{9BE6F442-E5B7-4149-87A2-807C33D7561D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{9BF0C8A2-94A4-43C8-957A-84D052C4B0F4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{9EAD6F11-0F8B-4B65-9351-2824164EC3AD}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{A49AD728-3449-44DE-9588-29B6CFA3608F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A7385884-2D68-4813-8DA0-4A1794FE9D6B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B1D21E53-04AE-480D-A692-9E52EEA4EB48}" = protocol=6 | dir=out | app=system | 
"{B31A9721-A02F-497C-9590-173628558F03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BA6C067A-74FB-4EAE-A5CA-4C29ED0DB2BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BE7132A0-74D0-4263-9D91-886D2BADD7AA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C5204171-B966-49DA-A189-B6BF3B73CBF6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C6C3A013-9F65-4875-BD50-3CAAD7E83DCB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CF4BCD5A-23AF-4A41-B2B0-9F5C7B2F0E26}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CFFA3B08-E976-4B0D-AC29-57082B867C6E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{D2FFB0FB-C74A-4EF6-BA03-E25BBEF46FCB}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{FAE9AA1F-CDD2-4B40-A8FE-BB22125EEC71}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"TCP Query User{2D077903-0B71-4377-8195-ABDC66058507}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{3BABEB9A-3182-4AE2-BE7E-AE84F24A13A9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{8593BD69-E6C5-4221-9C9F-E0ABE9D9714F}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"TCP Query User{98B85122-C4D3-4DA8-AD36-E8CFBB80BFE7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{C74AAE66-1F71-4CCA-BEFD-C94FAF169324}C:\users\christian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\christian\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{CD7FF70B-B1E2-4ADE-A18E-1C869B2E548A}C:\users\christian\downloads\sro_l8_full_client_downloader.exe" = protocol=6 | dir=in | app=c:\users\christian\downloads\sro_l8_full_client_downloader.exe | 
"TCP Query User{CFF89D77-9A2A-4533-B502-25BB5F602800}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe | 
"TCP Query User{D0A35C48-71C6-47A2-8A49-B6E287B0FCD6}C:\games\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\games\call of duty modern warfare 2\iw4sp.exe | 
"UDP Query User{13723F20-D577-4466-8DC8-1A61D018C8C9}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{2F8F3C2E-A804-429B-936A-22A8B4FF2E26}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{52647172-A3D4-4639-92E8-A94B9B2C20E5}C:\games\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\games\call of duty modern warfare 2\iw4sp.exe | 
"UDP Query User{AD78B79A-C6C5-4BD2-A90A-F1377D230FAC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{B0CF4FA9-851F-43F5-8DF1-95FE902B9FF4}C:\games\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\games\call of duty modern warfare 2\iw4mp.exe | 
"UDP Query User{BA40F367-86E8-4F78-A952-0DAAC520EEC3}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{EDC2F063-48E9-493A-B6DA-CBB70F46C8D0}C:\users\christian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\christian\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{FA0100B2-7F1B-4BD8-AD88-F5814BF23B47}C:\users\christian\downloads\sro_l8_full_client_downloader.exe" = protocol=17 | dir=in | app=c:\users\christian\downloads\sro_l8_full_client_downloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{011BF729-0369-EF59-4294-11D022AE3538}" = AMD Catalyst Install Manager
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{096E41D2-F5C2-4B1B-8E66-7E62C8919233}_is1" = Winterberg Configurator Version WEM Confi 7.61
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series" = Canon iP3600 series Printer Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{35FE995E-5A31-D005-0303-8D9FBBD4B67B}" = Catalyst Control Center Graphics Previews Common
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E9DDAA2-0271-4D5E-982B-CDA508E0933C}" = Aion
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6746BEC6-EE67-4173-A2FF-D9A21D8FF27D}" = ILLUSION すくぅ~るメイト
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C54986D-B318-0985-DD1D-C0446895390C}" = ccc-utility
"{7E5FFC5E-5A7F-864A-2E0D-0B234ED7B14F}" = Catalyst Control Center InstallProxy
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C025595B-A217-7317-65D8-CE7D304FCD30}" = Catalyst Control Center
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4904594-2833-4C0C-870E-55FF06FDBE39}" = TS Notifier
"{D5AFB7E8-D81F-F57F-4D43-EC95E49425FE}" = Catalyst Control Center Localization All
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76C09F9-C367-6FB9-4965-A26211D094FC}" = CCC Help English
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3D SexVilla 2 - Everlust (MegaPack)" = 3D SexVilla 2 - Everlust (MegaPack)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aion_03_is1" = Aion_03
"Aion_07_is1" = Aion_07
"Aion_09_is1" = Aion_09
"Avira AntiVir Desktop" = Avira Free Antivirus
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"ElsterFormular 12.4.0.7094p" = ElsterFormular
"facemoods" = Facemoods Toolbar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"NSS" = Norton Security Scan
"Opera 11.60.1185" = Opera 11.60
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.2
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Silkroad" = Silkroad
"SmartSteam 1.4.1" = SmartSteam 1.4.1
"sp6" = Logitech SetPoint 6.32
"Steam App 300" = Day of Defeat: Source
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"Theme Park World" = Theme Park World
"Total Audio Converter_is1" = TotalAudioConverter
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Match The Note" = Match The Note
"NCsoft-GuildWars" = Guild Wars
"SimAquarium" = SimAquarium
"Unite Media Player" = Unite Media Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.12.2011 08:50:12 | Computer Name = Christian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description = 
 
Error - 30.12.2011 08:50:18 | Computer Name = Christian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.12.2011 08:53:17 | Computer Name = Christian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description = 
 
Error - 30.12.2011 08:53:22 | Computer Name = Christian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description = 
 
Error - 30.12.2011 08:55:24 | Computer Name = Christian-PC | Source = MSMQ | ID = 2170
Description = 
 
Error - 30.12.2011 08:55:24 | Computer Name = Christian-PC | Source = MSMQ | ID = 2170
Description = 
 
Error - 30.12.2011 08:59:41 | Computer Name = Christian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description = 
 
Error - 30.12.2011 08:59:41 | Computer Name = Christian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description = 
 
Error - 30.12.2011 08:59:47 | Computer Name = Christian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.12.2011 09:00:41 | Computer Name = Christian-PC | Source = EventSystem | ID = 4609
Description = 
 
[ System Events ]
Error - 10.03.2010 00:10:13 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = 
 
Error - 10.03.2010 00:10:13 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 10.03.2010 13:08:48 | Computer Name = Christian-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 10.03.2010 13:08:48 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 10.03.2010 13:08:48 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.03.2010 12:56:36 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 11.03.2010 12:56:36 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.03.2010 04:51:27 | Computer Name = Christian-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 15.03.2010 04:52:18 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 15.03.2010 04:54:07 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
--- --- ---
__________________
Antwort

Themen zu Ich habe den sch..... 50€ Trojana auch
eingefangen, gefangen, gen, hoffe, troja, trojana, weiterhelfen


« Achtung ! Aus Sicherheitsgründen wurde ihr Windows blockiert | Gema - Trojaner sbcvvhost_win86 »


Ähnliche Themen: Ich habe den sch..... 50€ Trojana auch


  1. Auch ich habe den GVU Trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.01.2013 (5)
  2. Habe mir auch den GVU eingefangen :-(
    Plagegeister aller Art und deren Bekämpfung - 18.09.2012 (2)
  3. Habe auch den 50€ trojaner
    Alles rund um Windows - 27.04.2012 (1)
  4. Habe auch den AKM Trojaner
    Log-Analyse und Auswertung - 29.03.2012 (19)
  5. 50 € Virus ich habe ihn auch !
    Plagegeister aller Art und deren Bekämpfung - 28.01.2012 (24)
  6. habe auch den BKA-Trojana
    Plagegeister aller Art und deren Bekämpfung - 24.08.2011 (8)
  7. Habe auch den BKA Trojaner
    Plagegeister aller Art und deren Bekämpfung - 31.07.2011 (24)
  8. Ich habe nun auch ein Plagegeist
    Plagegeister aller Art und deren Bekämpfung - 18.09.2010 (13)
  9. AntiMalwareDoctor - Auch ich habe ihn
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (0)
  10. habe warscheinlich viren und /oder trojana on board (laptop)
    Log-Analyse und Auswertung - 05.08.2010 (3)
  11. Auch ich habe den ICQ-Virus...
    Plagegeister aller Art und deren Bekämpfung - 10.06.2010 (15)
  12. ich habe auch mal wieder was
    Log-Analyse und Auswertung - 04.05.2009 (8)
  13. habe Virus, trojana oder so auf meinem rechner
    Plagegeister aller Art und deren Bekämpfung - 24.10.2008 (5)
  14. Ich habe auch Bootprobleme mit XP Pro SP2
    Alles rund um Windows - 07.05.2006 (2)
  15. Habe einen Trojana :(
    Plagegeister aller Art und deren Bekämpfung - 11.05.2005 (9)
  16. Habe auch ´nen HiJacker
    Log-Analyse und Auswertung - 09.03.2005 (1)
  17. Habe mir den Trojana TR/StartPage.qr.DLL eingefangen
    Log-Analyse und Auswertung - 24.02.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ich habe den sch..... 50€ Trojana auch - Hallo zusammen. Ich habe mir auch den 50 Euro-Virus eingefangen und hoffe das ihr mir weiterhelfen könnt - Ich habe den sch..... 50€ Trojana auch...
Archiv
Du betrachtest: Ich habe den sch..... 50€ Trojana auch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131