Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Netbook Backdoor versucht, Passwörter gehackt!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 14.05.2012, 09:24   #1
donniedarko
 
Netbook Backdoor versucht, Passwörter gehackt! - Standard

Netbook Backdoor versucht, Passwörter gehackt!



Hallo Leute,
Gestern bekamen ein paar Leute von mir eine Spammail von meinem GMX-Account inkl. Virus.
Ich vermute ich hab mir irgendwas eingefangen.

Ich hoffe ihr könnt mich weiterhelfen.
Code:
ATTFilter
Malwarebytes:
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.13.04

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Marcus :: MARCUS-EEEPC [Administrator]

Schutz: Aktiviert

14.05.2012 00:58:21
mbam-log-2012-05-14 (00-58-21).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200770
Laufzeit: 22 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Marcus\AppData\Local\Temp\is-BSUII.tmp\DealioToolbar-stub-1.exe (PUP.Dealio.TB) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         






OTL:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 5/14/2012 9:54:43 AM - Run 1
OTL by OldTimer - Version 3.2.42.3     Folder = C:\Users\Marcus\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1014.18 Mb Total Physical Memory | 235.43 Mb Available Physical Memory | 23.21% Memory free
1.99 Gb Paging File | 0.73 Gb Available in Paging File | 36.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80.00 Gb Total Space | 15.94 Gb Free Space | 19.92% Space Free | Partition Type: NTFS
Drive D: | 54.03 Gb Total Space | 13.59 Gb Free Space | 25.16% Space Free | Partition Type: NTFS
 
Computer Name: MARCUS-EEEPC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/05/14 01:01:58 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
PRC - [2012/05/06 11:40:43 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/05/03 10:36:59 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2012/05/03 10:36:59 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/28 02:53:14 | 000,404,568 | ---- | M] (LG Electronics) -- C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
PRC - [2011/07/16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/07/05 15:38:12 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 19:03:29 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/22 20:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/03/09 00:00:00 | 000,495,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/13 09:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/09/07 18:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 18:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/06/09 23:26:34 | 000,412,600 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2010/06/04 04:40:30 | 001,242,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2010/05/29 01:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010/04/13 04:37:47 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2010/01/29 20:18:52 | 000,751,592 | ---- | M] () -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
PRC - [2010/01/14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009/08/12 13:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/05/06 11:40:42 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/18 09:26:14 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010/09/07 18:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/03/15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/05/06 11:40:43 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 10:36:59 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2012/05/03 10:36:59 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/05 15:38:12 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 19:03:29 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/09/07 18:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2007/05/31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwavdt.sys -- (btwavdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aj77l0wd)
DRV - [2012/05/14 09:50:59 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\weckg.sys -- (jdwrp)
DRV - [2012/05/08 16:45:50 | 000,040,672 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CESG502.SYS -- (PVUSB)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/05 15:38:19 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/05 15:38:19 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/01/10 18:02:47 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/12/07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/08/02 16:19:22 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandadb.sys -- (androidusb)
DRV - [2010/06/23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/06/21 16:31:18 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010/06/18 15:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/06/18 14:41:34 | 000,019,968 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2010/06/17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/13 04:36:46 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010/04/13 04:36:12 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2010/04/01 14:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/03/10 09:16:12 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/01/25 19:56:44 | 000,009,472 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2009/10/05 17:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009/01/29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2007/11/02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [1999/03/06 13:38:28 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASUSHWIO.SYS -- (asushwio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddr
IE - HKCU\..\SearchScopes,DefaultScope = {CFB29CFD-38CD-45DA-8D09-B824417EEEB1}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{CFB29CFD-38CD-45DA-8D09-B824417EEEB1}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Marcus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/06 11:40:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/25 16:42:08 | 000,000,000 | ---D | M]
 
[2011/01/03 22:04:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcus\AppData\Roaming\mozilla\Extensions
[2012/05/02 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dx2z6zwq.default\extensions
[2011/01/28 12:33:14 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dx2z6zwq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 18:34:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dx2z6zwq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/11/15 12:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/03/30 18:34:26 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\MARCUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DX2Z6ZWQ.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2011/08/23 21:08:26 | 000,025,939 | ---- | M] () (No name found) -- C:\USERS\MARCUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DX2Z6ZWQ.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI
[2012/05/06 11:40:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/03 23:47:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/12 12:25:00 | 000,076,288 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/12/21 11:14:26 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/10/06 21:43:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/06 21:43:04 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/06 21:43:04 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/12/13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011/10/06 21:43:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/06 21:43:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/06 21:43:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe File not found
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON BX305 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marcus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00A020C8-05B7-4AAD-B2AC-EB300F9D73D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE60F15E-2C5D-436D-80C2-6B3D7392C60A}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e1179c5-1cd3-11e0-9ad3-20cf3052a631}\Shell - "" = AutoRun
O33 - MountPoints2\{4e1179c5-1cd3-11e0-9ad3-20cf3052a631}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{6e94df3e-f929-11e0-8c12-20cf3052a631}\Shell - "" = AutoRun
O33 - MountPoints2\{6e94df3e-f929-11e0-8c12-20cf3052a631}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{cc7cedbf-8129-11e0-92d8-20cf3052a631}\Shell - "" = AutoRun
O33 - MountPoints2\{cc7cedbf-8129-11e0-92d8-20cf3052a631}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: aux - C:\windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\windows\System32\msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/05/14 01:01:18 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012/05/14 00:56:47 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\Malwarebytes
[2012/05/14 00:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/14 00:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/14 00:56:09 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/05/14 00:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/14 00:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/05/14 00:34:39 | 000,000,000 | ---D | C] -- C:\windows\pss
[2012/05/14 00:11:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/05/14 00:08:16 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012/05/13 20:15:17 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\Avira
[2012/05/08 16:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CASIO
[2012/05/08 16:47:14 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO
[2012/05/08 16:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\CASIO
[2012/05/08 16:32:14 | 000,000,000 | ---D | C] -- C:\windows\Downloaded Installations
[2012/05/06 11:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/06 11:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/03 11:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2012/05/03 11:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2012/05/03 11:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012/05/03 11:01:57 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\EPSON
[2012/05/03 10:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
[2012/05/03 10:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2012/04/21 13:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/04/19 13:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/05/14 09:50:59 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\weckg.sys
[2012/05/14 09:30:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/14 01:01:58 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012/05/14 00:04:17 | 000,002,413 | ---- | M] () -- C:\windows\System32\lgAxconfig.ini
[2012/05/13 20:29:09 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/13 20:04:59 | 000,013,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 20:04:59 | 000,013,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 19:52:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/05/13 19:51:53 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/11 12:18:24 | 000,440,496 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/05/11 11:30:03 | 000,657,676 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/05/11 11:30:03 | 000,618,912 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/05/11 11:30:03 | 000,131,016 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/05/11 11:30:03 | 000,107,232 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/05/10 14:58:41 | 000,000,008 | ---- | M] () -- C:\windows\System32\ctsn32.dll
[2012/05/08 16:45:50 | 000,040,672 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) -- C:\windows\System32\drivers\CESG502.SYS
[2012/05/08 16:34:43 | 000,000,008 | ---- | M] () -- C:\windows\System32\tcdl2.dll
[2012/05/03 11:09:05 | 000,000,308 | ---- | M] () -- C:\windows\setup.iss
[2012/04/19 13:50:07 | 000,000,000 | ---- | M] () -- C:\Users\Marcus\ADB
[2012/04/19 13:49:06 | 000,000,000 | ---- | M] () -- C:\Users\Marcus\P970Mod
[2012/04/19 11:46:00 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/05/14 09:50:59 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\weckg.sys
[2012/05/08 16:34:43 | 000,000,008 | ---- | C] () -- C:\windows\System32\tcdl2.dll
[2012/05/08 16:34:43 | 000,000,008 | ---- | C] () -- C:\windows\System32\ctsn32.dll
[2012/05/03 11:08:34 | 000,000,308 | ---- | C] () -- C:\windows\setup.iss
[2012/04/19 13:50:07 | 000,000,000 | ---- | C] () -- C:\Users\Marcus\ADB
[2012/04/19 13:49:06 | 000,000,000 | ---- | C] () -- C:\Users\Marcus\P970Mod
[2012/04/19 11:46:00 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
[2012/01/30 21:54:11 | 000,038,428 | ---- | C] () -- C:\Users\Marcus\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012/01/30 21:54:06 | 000,000,028 | ---- | C] () -- C:\windows\ODBC.INI
[2011/08/11 20:01:15 | 000,053,248 | ---- | C] () -- C:\windows\System32\CommonDL.dll
[2011/08/11 20:01:15 | 000,002,413 | ---- | C] () -- C:\windows\System32\lgAxconfig.ini
[2011/07/05 16:46:03 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011/05/25 22:22:57 | 000,038,422 | ---- | C] () -- C:\Users\Marcus\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2011/02/18 12:42:06 | 000,007,607 | ---- | C] () -- C:\Users\Marcus\AppData\Local\Resmon.ResmonCfg
[2011/01/11 13:32:05 | 000,008,192 | ---- | C] () -- C:\Users\Marcus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/03 22:30:01 | 000,111,104 | ---- | C] () -- C:\windows\System32\Uharc.exe
[2011/01/03 22:30:01 | 000,008,636 | ---- | C] () -- C:\windows\System32\modifype.exe
[2010/12/29 08:43:34 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2010/12/28 19:50:41 | 000,000,117 | ---- | C] () -- C:\windows\TmPfw.ini
[2010/12/28 19:34:48 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2010/12/28 19:34:48 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2010/10/05 01:59:32 | 000,005,632 | ---- | C] () -- C:\windows\System32\StarOpen.sys
[2010/06/24 18:31:21 | 000,129,472 | ---- | C] () -- C:\windows\TISReg.exe
[2010/06/24 18:12:19 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2010/06/24 18:12:19 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2010/06/24 18:10:26 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/06/24 18:08:32 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2010/06/24 18:02:59 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
 
========== LOP Check ==========
 
[2011/02/08 23:36:09 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Amazon
[2011/01/21 13:31:10 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Bump Technologies, Inc
[2011/04/06 18:29:49 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\CompanionLink
[2011/01/10 18:07:50 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DAEMON Tools Lite
[2011/01/28 12:33:11 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/05/14 00:37:20 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Electronic Arts
[2012/05/03 11:04:09 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\EPSON
[2012/02/16 12:37:14 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\FastCopy
[2011/01/28 13:14:55 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Foxit Software
[2011/05/17 16:36:05 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\FreeFLVConverter
[2011/04/06 18:46:02 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\GetRightToGo
[2011/04/05 13:46:14 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\HTC
[2011/01/21 12:59:33 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Miranda
[2011/01/03 23:13:49 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\OpenOffice.org
[2011/04/06 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Softplicity
[2011/01/21 13:21:38 | 000,000,000 | ---D | M] -- C:\Users\Marcus\AppData\Roaming\Windows SideBar
[2012/04/26 12:51:08 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2011/06/23 22:21:29 | 001,048,576 | -H-- | M] () -- C:\CAPTURE.AVI
[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | -H-- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | -H-- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | -H-- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | -H-- | M] () -- C:\globdata.ini
[2012/05/13 19:51:53 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 09:03:18 | 000,562,688 | -H-- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 09:00:40 | 000,000,843 | -H-- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | -H-- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | -H-- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | -H-- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012/05/13 19:51:58 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
[2010/12/28 19:35:33 | 000,002,119 | -H-- | M] () -- C:\RHDSetup.log
[2007/11/07 09:00:40 | 000,005,686 | -H-- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | -H-- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | -H-- | M] () -- C:\VC_RED.MSI
 
< %systemroot%\system32\*.wt >
 
< %systemroot%\system32\*.ruy >
 
< %systemroot%\Fonts\*.com >
[2009/07/14 06:52:25 | 000,026,040 | ---- | M] () -- C:\windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 06:52:25 | 000,026,489 | ---- | M] () -- C:\windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 06:52:25 | 000,029,779 | ---- | M] () -- C:\windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 06:52:25 | 000,043,318 | ---- | M] () -- C:\windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009/06/10 23:31:19 | 000,000,065 | ---- | M] () -- C:\windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/06/22 19:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009/07/14 03:15:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
[2009/07/14 03:15:26 | 000,090,624 | ---- | M] (Hewlett-Packard Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL
[2009/07/14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
[2009/07/14 03:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\winprint.dll
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.scr >
[2009/07/10 14:10:44 | 000,307,568 | ---- | M] (Microsoft Corporation) -- C:\windows\WLXPGSS.SCR
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009/07/14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\user32.dll /md5 >
[2009/07/14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\windows\system32\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\system32\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2009/07/14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\windows\system32\ws2help.dll
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-13 22:42:36
 
<           >

< End of report >
         
--- --- ---
[/code]



Extras:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 5/14/2012 9:54:43 AM - Run 1
OTL by OldTimer - Version 3.2.42.3     Folder = C:\Users\Marcus\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1014.18 Mb Total Physical Memory | 235.43 Mb Available Physical Memory | 23.21% Memory free
1.99 Gb Paging File | 0.73 Gb Available in Paging File | 36.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80.00 Gb Total Space | 15.94 Gb Free Space | 19.92% Space Free | Partition Type: NTFS
Drive D: | 54.03 Gb Total Space | 13.59 Gb Free Space | 25.16% Space Free | Partition Type: NTFS
 
Computer Name: MARCUS-EEEPC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C41E75-88D4-45A6-B4F2-0E75A36617AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0A3885C6-B8A6-46A9-8A49-A9C913D8D1F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1330C376-17AA-432C-8F13-75129C37C549}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{17575CF3-DCBB-4B3C-9A95-0CAAFBFBA718}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{18EF1DE9-896F-4C13-BBB2-2FD990AFDCBC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1B65B3BA-7F73-459C-998F-A94774088207}" = rport=137 | protocol=17 | dir=out | app=system | 
"{230E1CA9-C97D-4E4E-86FC-3AE1C46DBCAC}" = rport=138 | protocol=17 | dir=out | app=system | 
"{2573D109-4EEE-4BBD-B95E-E049E6E29A5B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{2CE5D76A-BBC1-4835-B6AA-85C8465CD1ED}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{392CEE02-A3EE-430D-AA5E-FEC1B1AC8A20}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3D2411A3-868D-47C5-90A6-9D2452A35706}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3F7DF836-7684-4D97-89F6-78DC410743D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{416E336B-CA6B-4866-A9E7-F2F9463CB92A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{47EFD8EF-7C41-4BF0-8E35-ECA7EB990F0C}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4FE3A40A-D7AE-4C16-B2FE-DBE2DC482CCA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{53CC27A5-7396-4F92-A872-228029B1C1C5}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{56764840-778A-49A1-940E-F0E22806E862}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5FF7322A-5A9C-4296-A343-1E6319BC0D92}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6357E87C-F789-4C79-8717-DE4D2635A231}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{63678C75-EF5D-40AA-91A6-7D4908264E0E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6ED2F8F2-DED5-43E1-927E-B14EF954791B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{784A2AC3-DA31-4BE6-B9BC-5368B524765A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{7D79EC28-4392-4E85-8DC9-AAEA15026FD2}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{811AD7F3-5434-437B-88D4-61508F96512D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{82550C39-611F-4519-8DA1-D29AA4BFB658}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{88583089-283B-4E85-8649-BBDCF9E43793}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{966438D6-71B9-49C0-9CC4-F32770150E06}" = lport=445 | protocol=6 | dir=in | app=system | 
"{9B41D560-72DB-4D83-9C3B-0485D273F16E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{B85B4608-D475-400A-A335-8F84A9F8A8B1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{BF6DE93D-B6E6-4AC2-BC7B-3A37573DB46C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C8664489-5B02-42E0-AC8C-31ED06321294}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{CEB565F7-7750-4A66-8714-7D5ACFD4CE49}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{D21DE822-AAAE-45EE-B6BC-AA2027D4ACA7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E2FCAD9D-23BD-44CF-A02B-FDAC911457FF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{E5A7DEB9-2B0E-41CE-B198-5EC29EC83035}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E7B47B63-6EE5-4AD0-8B66-036FB615B724}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F602AA5A-9828-4584-BB02-8948F29BFA0E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F753DDFC-EAAB-4272-8BF6-1DC4937CD540}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F9A1924E-2E2C-4B12-9C38-FE312487534B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FAE8E498-C4F3-4DBC-9064-944A21A93197}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E475C57-8585-472D-BADF-FE72DC43C448}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1FEB2207-1BE1-49E8-843F-1C0D6CEBBFFF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{342C8B45-BD45-40A0-B166-BD3E067062AB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{49FEA0A5-7FAB-4C8C-98B0-CE40E3FDEFC3}" = protocol=6 | dir=out | app=system | 
"{55A014B2-68E5-4B69-91AA-135CEB947963}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{55AA8E81-F9D7-4431-BB12-118C9E16BF45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A01866C-A772-478D-AAC7-C754D9D1C513}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{64477760-F130-470A-8F09-35DCDAEFB2ED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{65051865-47BB-4C5E-8F2E-3485B16BAEFD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6F89B273-26E0-43FF-B924-D4F5761F8393}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{73F45AA2-31FE-4EAE-9056-594B82D51BCE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{89698982-724C-45EA-8186-3693E616C9CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8B3C7334-C42A-4029-A1EA-73308CF3C6D4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{939CC37C-7F7E-4824-995B-DF81210A0FC8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9D1B0EBC-C2CB-46E6-8576-AE5AAD58E313}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A6F84EA7-FF24-4DC3-9087-6623280BFFC7}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{B082068D-34B8-4FD3-9FCD-BD517288EF4A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{B9F4398E-5838-4F8F-80F0-BBFE0FE9F248}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C24DD7FB-FA09-4AE0-AE1D-FF66007954F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C3ACD4FA-2D1D-428C-9798-4DB4F3C97787}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C43D9277-9DBE-4639-ABF5-2206458E6D6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C45DE543-9306-4E69-8F1C-0755B96BFCA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C8919642-0D80-4741-9440-E2D305A93A85}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CD470C28-CA75-4C58-8E07-405C8EB9064F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D3CDA400-6707-4CA6-B383-6E9F834DBB41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DA02A00A-846B-4AE9-908F-B16841D798B7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DC414A8B-63B8-4A39-A388-00EDB2E7682F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{E73A3FAA-D35F-4948-94CE-8E7DA24C3D56}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{FC14CFF0-4FC2-45FC-B0DE-6D2698E2600E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FD0CD60E-7F14-4E38-88B2-47D316D2E37A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{03EBD576-41F9-43D6-AE24-70B656C175CE}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | 
"TCP Query User{162B4EC8-0394-4D12-9D1C-0E2FB1933EE6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{18CEC996-03D4-4383-BD88-6BC3EE19F6D6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{275E3436-6C4B-423A-B829-40765C995B18}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"TCP Query User{809DE0E3-9150-4FBA-A30A-A6EE75641A59}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{99702156-AF2F-4092-835F-8799A2D8862B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{B31CE671-A378-46BA-94F5-FA9F35564CC3}C:\users\marcus\desktop\cryptload 1.1.8\cryptload1.1.8\routerclient.exe" = protocol=6 | dir=in | app=c:\users\marcus\desktop\cryptload 1.1.8\cryptload1.1.8\routerclient.exe | 
"TCP Query User{E90CA908-A45B-41FF-AA5B-754ACB383AC3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{173A96C5-CF84-44D2-8A33-A3C71FAB64CC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{4836255E-4AB0-4596-95DE-8EFC1342CC33}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{6EC2220A-4248-4A1A-A9AA-CCD5172BFA76}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{BFC476AD-4873-40F2-B749-043C8989C2F0}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{D7162B56-CCBC-4E63-97ED-E1D09AB18E87}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"UDP Query User{D7ED3ADA-C3F9-4EE7-AA75-144629B7CDED}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | 
"UDP Query User{E442430F-848B-4292-AB0F-6D137D272B00}C:\users\marcus\desktop\cryptload 1.1.8\cryptload1.1.8\routerclient.exe" = protocol=17 | dir=in | app=c:\users\marcus\desktop\cryptload 1.1.8\cryptload1.1.8\routerclient.exe | 
"UDP Query User{F95F63C0-C463-4E79-A143-467FF4A01E72}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{14757070-5AE3-434C-9880-8F571E5C0FCB}" = Anti-reCAPTCHA v3.02 JD
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{30E01116-5666-4807-8EF1-D80E9FF16717}" = Epson Easy Photo Print 2
"{31753CDD-A7DA-4667-BEFC-B3EA3BDF366E}" = Foxit Phantom
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53FB84B2-23CC-47BE-903F-EC1841459509}" = Program-Link FA-CP1 (Single License)
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{71F205E9-C01C-47C5-B029-8AAC14AF03F1}" = ClassPad Manager v3  (30 Day Trial)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}" = Motorola Mobile Drivers Installation 4.7.1
"{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}" = Boingo Wi-Fi
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD232781-26CA-4E18-BC70-4343A2F0D583}" = Microsoft IntelliPoint 8.0
"{D02F30FB-0BC4-419A-9B9C-ADC610029B50}" = EPSON File Manager
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}" = LocaleMe
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FC984DA1-8718-4557-BAB6-947718C454DF}" = PDF-XChange Viewer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0)
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON BX305 Series" = EPSON BX305 Series Printer Uninstall
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 6.94.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Miranda IM" = Miranda IM 0.9.14
"MotoHelper" = MotoHelper 2.0.24 Driver 4.7.1
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Total Mail Converter_is1" = TotalMailConverter
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 4/19/2012 7:40:51 AM | Computer Name = Marcus-EeePC | Source = Application Hang | ID = 1002
Description = Programm SuperOneClick.exe, Version 2.3.3.0 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 1360    Startzeit: 01cd1e211c183208    Endzeit: 17    Anwendungspfad: 
C:\Users\Marcus\Desktop\P970 Mod\SuperOneClickv2.3.3-ShortFuse\SuperOneClick.exe

Berichts-ID:
 800317cc-8a14-11e1-bc8b-20cf3052a631  
 
Error - 4/19/2012 7:42:27 AM | Computer Name = Marcus-EeePC | Source = Application Hang | ID = 1002
Description = Programm SuperOneClick.exe, Version 2.3.3.0 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 128c    Startzeit: 01cd1e21473cfc71    Endzeit: 25    Anwendungspfad: 
C:\Users\Marcus\Desktop\P970 Mod\SuperOneClickv2.3.3-ShortFuse\SuperOneClick.exe

Berichts-ID:
 b2024975-8a14-11e1-bc8b-20cf3052a631  
 
Error - 4/20/2012 6:03:57 AM | Computer Name = Marcus-EeePC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000,
 Zeitstempel: 0x49a6b036  Name des fehlerhaften Moduls: rapi.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x465eef68  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6e8042ff
ID
 des fehlerhaften Prozesses: 0xbc0  Startzeit der fehlerhaften Anwendung: 0x01cd1edcbb2bcfa7
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Pfad
 des fehlerhaften Moduls: rapi.dll  Berichtskennung: 246acacb-8ad0-11e1-bcd4-20cf3052a631
 
Error - 4/21/2012 4:25:14 PM | Computer Name = Marcus-EeePC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000,
 Zeitstempel: 0x49a6b036  Name des fehlerhaften Moduls: rapi.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x465eef68  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6e9f42ff
ID
 des fehlerhaften Prozesses: 0xbb0  Startzeit der fehlerhaften Anwendung: 0x01cd1ffca777c598
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Pfad
 des fehlerhaften Moduls: rapi.dll  Berichtskennung: 19777476-8bf0-11e1-bc36-20cf3052a631
 
Error - 4/24/2012 7:30:20 AM | Computer Name = Marcus-EeePC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000,
 Zeitstempel: 0x49a6b036  Name des fehlerhaften Moduls: rapi.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x465eef68  Ausnahmecode: 0xc0000005  Fehleroffset: 0x720042ff
ID
 des fehlerhaften Prozesses: 0x910  Startzeit der fehlerhaften Anwendung: 0x01cd220d67e40653
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Pfad
 des fehlerhaften Moduls: rapi.dll  Berichtskennung: df3c408b-8e00-11e1-bc70-20cf3052a631
 
Error - 5/3/2012 4:42:22 AM | Computer Name = Marcus-EeePC | Source = RpcNs | ID = 2
Description = 
 
Error - 5/3/2012 4:42:22 AM | Computer Name = Marcus-EeePC | Source = RpcNs | ID = 2
Description = 
 
Error - 5/3/2012 4:53:15 AM | Computer Name = Marcus-EeePC | Source = VSS | ID = 8194
Description = 
 
Error - 5/3/2012 5:08:27 AM | Computer Name = Marcus-EeePC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: setup.exe_InstallShield, Version:
 16.0.0.400, Zeitstempel: 0x4ab84bb7  Name des fehlerhaften Moduls: ISSetup.dll, Version:
 16.0.0.400, Zeitstempel: 0x4ab84b70  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a7a6f
ID
 des fehlerhaften Prozesses: 0x1510  Startzeit der fehlerhaften Anwendung: 0x01cd290c4176ea8d
Pfad
 der fehlerhaften Anwendung: C:\Users\Marcus\AppData\Local\Temp\WZSE0.TMP\setup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Marcus\AppData\Local\Temp\WZSE0.TMP\ISSetup.dll
Berichtskennung:
 8af027a9-94ff-11e1-9883-20cf3052a631
 
Error - 5/6/2012 4:59:51 AM | Computer Name = Marcus-EeePC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000,
 Zeitstempel: 0x49a6b036  Name des fehlerhaften Moduls: rapi.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x465eef68  Ausnahmecode: 0xc0000005  Fehleroffset: 0x703442ff
ID
 des fehlerhaften Prozesses: 0xbec  Startzeit der fehlerhaften Anwendung: 0x01cd2b6663e983c8
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Pfad
 des fehlerhaften Moduls: rapi.dll  Berichtskennung: d68f7761-9759-11e1-bc2b-20cf3052a631
 
[ System Events ]
Error - 3/11/2012 11:17:36 AM | Computer Name = Marcus-EeePC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Mobile 2003-basierte Gerätekonnektivität" ist 
vom Dienst "Windows Mobile-basierte Geräteverbindungen" abhängig, der aufgrund folgenden
 Fehlers nicht gestartet wurde:   %%1053
 
Error - 3/11/2012 12:50:06 PM | Computer Name = Marcus-EeePC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Mobile-basierte Geräteverbindungen erreicht.
 
Error - 3/11/2012 12:50:08 PM | Computer Name = Marcus-EeePC | Source = DCOM | ID = 10005
Description = 
 
Error - 3/11/2012 12:50:08 PM | Computer Name = Marcus-EeePC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Mobile-basierte Geräteverbindungen" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%1053
 
Error - 3/11/2012 4:11:44 PM | Computer Name = Marcus-EeePC | Source = DCOM | ID = 10010
Description = 
 
Error - 3/11/2012 6:24:18 PM | Computer Name = Marcus-EeePC | Source = DCOM | ID = 10010
Description = 
 
Error - 3/11/2012 6:38:30 PM | Computer Name = Marcus-EeePC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Wlansvc erreicht.
 
Error - 3/11/2012 6:38:34 PM | Computer Name = Marcus-EeePC | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2012 11:47:27 AM | Computer Name = Marcus-EeePC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman erreicht.
 
Error - 3/20/2012 4:34:11 AM | Computer Name = Marcus-EeePC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         
--- --- ---
[/code]

Geändert von donniedarko (14.05.2012 um 10:23 Uhr)

 

Themen zu Netbook Backdoor versucht, Passwörter gehackt!
32 bit, antivir, application/pdf, application/pdf:, avira, backdoor, bho, converter, dateisystem, defender, downloader, error, firefox, flash player, format, gmx-account, google, google earth, heuristiks/extra, heuristiks/shuriken, jdownloader, logfile, m.exe, microsoft office word, mozilla, mp3, office 2007, plug-in, programm, pup.dealio.tb, realtek, registry, rundll, searchscopes, security, senden, software, svchost.exe, temp, tracker, udp, version=1.0, wlansvc, youtube downloader




Ähnliche Themen: Netbook Backdoor versucht, Passwörter gehackt!


  1. Computer gehackt, passwörter gestohlen
    Plagegeister aller Art und deren Bekämpfung - 17.09.2015 (28)
  2. Wlan und Passwörter gehackt-Phishing
    Überwachung, Datenschutz und Spam - 20.08.2015 (1)
  3. Passwörter verwalten mit Keepass 2
    Antiviren-, Firewall- und andere Schutzprogramme - 26.12.2014 (8)
  4. Windows 7: FTP-Passwörter geknackt
    Log-Analyse und Auswertung - 09.09.2014 (15)
  5. Passwörter gephised!
    Log-Analyse und Auswertung - 09.04.2014 (15)
  6. System bereinigen nach Backdoor.graybird / backdoor.rustock etc.
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (5)
  7. Passwörter gehackt, was tun?
    Plagegeister aller Art und deren Bekämpfung - 13.03.2013 (1)
  8. Wurde mein PC gehackt? Kann der Angreifer immer noch meine Passwörter sehen?
    Log-Analyse und Auswertung - 14.08.2012 (5)
  9. [Gehackt]Gehackt dank nem kleinen Bruder
    Plagegeister aller Art und deren Bekämpfung - 03.02.2011 (2)
  10. Backdoor.Bot / Backdoor.Gootkit / Malware.Trace -> HiJackThis + Malwarebytes logfile
    Log-Analyse und Auswertung - 02.07.2010 (6)
  11. Passwörter ausspioniert
    Log-Analyse und Auswertung - 18.05.2010 (9)
  12. Diverse Passwörter gestohlen
    Log-Analyse und Auswertung - 29.12.2008 (5)
  13. FTP Passwörter ausgespäht
    Plagegeister aller Art und deren Bekämpfung - 30.09.2008 (3)
  14. Amazon Account gehackt + E-mail gehackt !
    Plagegeister aller Art und deren Bekämpfung - 05.05.2008 (16)
  15. passwörter speichern
    Überwachung, Datenschutz und Spam - 09.12.2005 (4)
  16. auweh... alles versucht: mittel gegen neuen backdoor.agent.bt
    Log-Analyse und Auswertung - 06.12.2004 (20)

Zum Thema Netbook Backdoor versucht, Passwörter gehackt! - Hallo Leute, Gestern bekamen ein paar Leute von mir eine Spammail von meinem GMX-Account inkl. Virus. Ich vermute ich hab mir irgendwas eingefangen. Ich hoffe ihr könnt mich weiterhelfen. Code: - Netbook Backdoor versucht, Passwörter gehackt!...
Archiv
Du betrachtest: Netbook Backdoor versucht, Passwörter gehackt! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.