
Pests of all kinds and how to combat them: Trojan transmitted via ICQ - automatic sending of links - MWB log included


18.04.2010, 13:44   #1
seqizn
 



Hello everyone,

like many others, I stupidly received an infected file via ICQ. Everything was hidden behind an image with a .JPG extension.

Problem:

Chat windows are opened automatically and the link in question is then sent to everyone.

I ran Malwarebytes and removed several infected files.
Here is my log after the scan:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 4003

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18904

18.04.2010 14:32:36
mbam-log-2010-04-18 (14-32-36).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 114639
Laufzeit: 5 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 9

Infizierte Speicherprozesse:
C:\Users\Public\winsvcn.exe (VirTool.DelfInject) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows system guard (VirTool.DelfInject) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Public\winsvcn.exe (VirTool.DelfInject) -> Quarantined and deleted successfully.
C:\Users\Alt\AppData\Local\Temp\vqo.exe (VirTool.DelfInject) -> Quarantined and deleted successfully.
C:\Program Files\Exporter.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\NxCharacter.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\NxCooking.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\PhysXCore.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\PhysXLoader.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\SI3.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.


It would be great if someone could tell me whether that was it, or whether I need to take further steps to get rid of this pest.

Many thanks

18.04.2010, 18:24   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

please run a full scan with Malwarebytes and post the log. After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

18.04.2010, 21:11   #3
seqizn
 



Many thanks in advance!
Regards

MWB log:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 4003

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18904

18.04.2010 22:02:29
mbam-log-2010-04-18 (22-02-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 340819
Laufzeit: 1 Stunde(n), 10 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Program Files (x86)\Gamers.IRC\bin\dll\nHTMLn_2.95.dll (Trojan.Agent) -> Quarantined and deleted successfully.





OTL.Txt Log

OTL logfile created on: 18.04.2010 22:06:14 - Run 1
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\Alt\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,19 Gb Total Space | 18,84 Gb Free Space | 16,08% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 191,56 Gb Free Space | 54,95% Space Free | Partition Type: NTFS
Drive E: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALT-PC
Current User Name: Alt
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Alt\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Users\Alt\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
PRC - D:\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\Napster\napster.exe (Napster)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files (x86)\Winamp\Winamp.exe (Nullsoft)


========== Modules (SafeList) ==========

MOD - C:\Users\Alt\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV - (sp_rssrv) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software GmbH)
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M]
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys ()
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys ()
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys ()
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys ()
DRV:64bit: - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s115mgmt.sys ()
DRV:64bit: - (s115obex) -- C:\Windows\SysNative\DRIVERS\s115obex.sys ()
DRV:64bit: - (s115mdm) -- C:\Windows\SysNative\DRIVERS\s115mdm.sys ()
DRV:64bit: - (s115mdfl) -- C:\Windows\SysNative\DRIVERS\s115mdfl.sys ()
DRV:64bit: - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s115bus.sys ()
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys ()
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.schuelervz.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.schuelervz.net/"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.06 13:30:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.06 13:30:59 | 000,000,000 | ---D | M]

[2009.06.26 00:23:46 | 000,000,000 | ---D | M] -- C:\Users\Alt\AppData\Roaming\mozilla\Extensions
[2010.04.18 16:39:41 | 000,000,000 | ---D | M] -- C:\Users\Alt\AppData\Roaming\mozilla\Firefox\Profiles\ezu3vptq.default\extensions
[2009.09.02 19:58:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alt\AppData\Roaming\mozilla\Firefox\Profiles\ezu3vptq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.26 00:23:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.04.06 13:30:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.06 13:30:57 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.06 13:30:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.06 13:30:57 | 000,000,986 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.06 13:30:57 | 000,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll File not found
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Demos\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Alt\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab (CDownloadCtrl Object)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab (EPUImageControl Class)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1223651805 (Image Uploader Control)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.schuelervz.net/photouploader/ImageUploader4.cab?nocache=20071128-1 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} hxxp://xtraz.icq.com/xtraz/products/photo/english/ICQDevilImg.cab (ICQDevilImg Control)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.ak.schuelervz.net/photouploader/ImageUploader5.cab?nocache=20080115-1 (Image Uploader Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alt\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alt\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - E:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0f51fb27-19c9-11dc-8e0c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0f51fb27-19c9-11dc-8e0c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.18 22:04:38 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Alt\Desktop\OTL.exe
[2010.04.18 14:19:10 | 000,000,000 | ---D | C] -- C:\Users\Alt\AppData\Roaming\Malwarebytes
[2010.04.18 14:18:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.18 14:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.18 14:18:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.18 14:18:02 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Alt\Desktop\mbam-setup-1.45.exe
[2010.04.18 14:00:02 | 000,000,000 | ---D | C] -- C:\Users\Alt\AppData\Local\AOL
[2010.04.18 13:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.1
[2010.04.18 13:58:38 | 012,186,536 | ---- | C] (ICQ) -- C:\Program Files (x86)\install_icq7.exe
[2010.04.17 18:21:12 | 000,000,000 | ---D | C] -- C:\Users\Alt\AppData\Roaming\Spyware Terminator
[2010.04.17 18:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.04.17 18:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2010.04.17 17:56:38 | 000,000,000 | ---D | C] -- C:\Users\Alt\AppData\Roaming\Avira
[2010.04.17 17:53:31 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.04.17 17:53:31 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.04.17 17:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.04.17 17:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.04.14 22:11:47 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 22:11:43 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010.04.14 15:45:06 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.14 15:45:04 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.05 18:31:15 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.04.05 18:31:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.04.05 18:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.03.31 13:49:41 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.31 13:49:40 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.03.31 13:49:40 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.03.31 13:49:40 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.03.31 13:49:40 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.31 13:49:40 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.03.31 13:49:39 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.03.31 13:49:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.03.31 13:49:39 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.03.31 13:49:39 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.03.31 13:49:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.03.31 13:49:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.03.31 13:49:39 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.03.31 13:49:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.31 13:49:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2010.03.31 13:49:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2008.10.25 17:02:08 | 132,831,016 | ---- | C] (NVIDIA Corporation ) -- C:\Users\Alt\178.24_geforce_winvista_64bit_international_whql.exe
[2008.07.30 04:40:29 | 039,968,152 | ---- | C] (Activision ) -- C:\Users\Alt\CoD4MW-1.6-1.7-PatchSetup.exe
[2008.07.30 04:33:38 | 296,330,688 | ---- | C] (Activision ) -- C:\Users\Alt\CoD4MW-1.6-PatchSetup.exe
[2008.07.30 01:15:29 | 000,305,672 | ---- | C] (Microsoft Corporation) -- C:\Users\Alt\dxwebsetup.exe
[2008.07.15 00:04:43 | 001,156,096 | ---- | C] (Irfan Skiljan) -- C:\Users\Alt\iview410_setup.exe
[2008.05.25 20:49:02 | 026,841,805 | ---- | C] (eRightSoft ) -- C:\Users\Alt\SUPERsetup.exe
[2008.05.07 20:12:07 | 016,500,592 | ---- | C] (DivX, Inc.) -- C:\Users\Alt\DivXInstaller.exe
[2007.12.16 18:36:32 | 000,364,136 | ---- | C] (Digital River) -- C:\Users\Alt\CoD4MW-1-3-PatchSetup-exe.exe
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Alt\AppData\Local\CDRip.dll
[2007.06.19 17:39:54 | 027,288,880 | ---- | C] (Apple Inc.) -- C:\Users\Alt\QuickTimeInstaller.exe
[2007.06.18 19:34:19 | 004,179,293 | ---- | C] (Lavalys, Inc. ) -- C:\Program Files (x86)\everesthome220.exe
[2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Alt\AppData\Local\No23 Recorder.exe
[2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Alt\AppData\Local\basscd.dll
[2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Alt\AppData\Local\bass.dll

========== Files - Modified Within 30 Days ==========

[2010.04.18 22:08:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F23B811E-3D5E-4070-B3E9-6013F476CE45}.job
[2010.04.18 22:05:01 | 013,893,632 | -HS- | M] () -- C:\Users\Alt\ntuser.dat
[2010.04.18 22:04:42 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Alt\Desktop\OTL.exe
[2010.04.18 22:00:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.18 21:58:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.04.18 20:48:14 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.18 20:48:14 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.18 18:14:32 | 018,446,004 | ---- | M] () -- C:\Users\Alt\Desktop\18042010005.mp4
[2010.04.18 17:00:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.18 14:54:31 | 001,445,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.18 14:54:31 | 000,628,210 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.04.18 14:54:31 | 000,594,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.18 14:54:31 | 000,126,850 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.04.18 14:54:31 | 000,104,210 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.18 14:48:41 | 000,034,705 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.04.18 14:48:15 | 000,034,705 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.04.18 14:48:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.18 14:48:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.18 14:48:10 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.18 14:46:51 | 000,524,288 | -HS- | M] () -- C:\Users\Alt\ntuser.dat{060a5077-d963-11dc-8da2-001a92dada5e}.TMContainer00000000000000000001.regtrans-ms
[2010.04.18 14:46:51 | 000,065,536 | -HS- | M] () -- C:\Users\Alt\ntuser.dat{060a5077-d963-11dc-8da2-001a92dada5e}.TM.blf
[2010.04.18 14:46:45 | 003,966,633 | -H-- | M] () -- C:\Users\Alt\AppData\Local\IconCache.db
[2010.04.18 14:18:34 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.18 14:18:07 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Alt\Desktop\mbam-setup-1.45.exe
[2010.04.18 14:00:26 | 000,001,663 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.1.lnk
[2010.04.18 13:58:50 | 012,186,536 | ---- | M] (ICQ) -- C:\Program Files (x86)\install_icq7.exe
[2010.04.17 18:21:18 | 000,142,592 | ---- | M] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010.04.17 17:53:40 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.04.16 18:43:39 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.16 18:43:39 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.16 17:16:14 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.04.16 16:35:44 | 000,193,988 | ---- | M] () -- C:\Users\Alt\Desktop\Hammer score.JPG
[2010.04.16 15:06:25 | 000,250,655 | ---- | M] () -- C:\Users\Alt\Desktop\IMG_0480.JPG
[2010.04.16 10:08:10 | 001,877,894 | ---- | M] () -- C:\Users\Alt\Desktop\DSCF6015.JPG
[2010.04.14 18:54:31 | 001,109,177 | ---- | M] () -- C:\Users\Alt\Desktop\IMG_0479.JPG
[2010.04.14 01:42:22 | 002,889,536 | ---- | M] () -- C:\Users\Alt\Desktop\Whitechapel - The Darkest Day of Man.mp3
[2010.04.09 19:31:05 | 010,445,350 | ---- | M] () -- C:\Users\Alt\Desktop\03-justice-phantom_pt_ii_boys_noize_remix.mp3
[2010.04.09 15:00:51 | 004,726,980 | ---- | M] () -- C:\Users\Alt\Desktop\Heaven Shall Burn - The Omen.mp3
[2010.04.06 16:33:34 | 000,130,560 | ---- | M] () -- C:\Users\Alt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.05 18:31:09 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.29 15:24:46 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.25 18:42:08 | 546,397,057 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2010.04.18 21:05:26 | 018,446,004 | ---- | C] () -- C:\Users\Alt\Desktop\18042010005.mp4
[2010.04.18 14:18:34 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.18 14:18:29 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.18 14:00:26 | 000,001,663 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.1.lnk
[2010.04.17 18:21:18 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010.04.17 17:53:40 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.04.17 17:53:31 | 000,116,568 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.04.17 17:53:31 | 000,081,072 | ---- | C] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.04.17 17:52:11 | 000,414,502 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistMSI45F9.txt
[2010.04.17 17:52:11 | 000,011,590 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistUI45F9.txt
[2010.04.17 16:09:59 | 001,877,894 | ---- | C] () -- C:\Users\Alt\Desktop\DSCF6015.JPG
[2010.04.16 16:35:44 | 000,193,988 | ---- | C] () -- C:\Users\Alt\Desktop\Hammer score.JPG
[2010.04.16 14:31:08 | 000,250,655 | ---- | C] () -- C:\Users\Alt\Desktop\IMG_0480.JPG
[2010.04.16 14:31:07 | 001,109,177 | ---- | C] () -- C:\Users\Alt\Desktop\IMG_0479.JPG
[2010.04.14 22:11:56 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.04.14 22:11:55 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll
[2010.04.14 22:11:55 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys
[2010.04.14 22:11:52 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010.04.14 22:11:52 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010.04.14 22:11:52 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010.04.14 22:11:50 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.14 22:11:47 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010.04.14 22:11:43 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2010.04.14 17:13:32 | 004,726,980 | ---- | C] () -- C:\Users\Alt\Desktop\Heaven Shall Burn - The Omen.mp3
[2010.04.14 15:45:06 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2010.04.14 15:45:04 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 01:42:12 | 002,889,536 | ---- | C] () -- C:\Users\Alt\Desktop\Whitechapel - The Darkest Day of Man.mp3
[2010.04.13 16:18:50 | 000,294,912 | ---- | C] () -- C:\Windows\SysNative\browserchoice.exe
[2010.04.09 19:30:15 | 010,445,350 | ---- | C] () -- C:\Users\Alt\Desktop\03-justice-phantom_pt_ii_boys_noize_remix.mp3
[2010.04.05 18:31:09 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.03.31 13:49:43 | 009,243,136 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.03.31 13:49:42 | 012,464,128 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.03.31 13:49:41 | 002,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.03.31 13:49:41 | 001,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.03.31 13:49:40 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2010.03.31 13:49:40 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.03.31 13:49:40 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.03.31 13:49:40 | 000,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.03.31 13:49:40 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.31 13:49:40 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.03.31 13:49:39 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.03.31 13:49:39 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.03.31 13:49:39 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2010.03.31 13:49:39 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.03.31 13:49:39 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2010.03.31 13:49:39 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2010.03.31 13:49:39 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2010.03.31 13:49:39 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.31 13:49:39 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2010.03.31 13:49:39 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.03.31 13:49:39 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010.02.02 18:40:33 | 000,418,448 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistMSI5526.txt
[2010.02.02 18:40:33 | 000,014,054 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistUI5526.txt
[2009.12.15 17:29:13 | 000,422,734 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistMSI2A0A.txt
[2009.12.15 17:29:13 | 000,011,452 | ---- | C] () -- C:\Users\Alt\AppData\Local\dd_vcredistUI2A0A.txt
[2009.11.22 03:23:23 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.22 03:23:23 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.10.13 01:07:58 | 000,001,464 | ---- | C] () -- C:\Users\Alt\AppData\Local\RecConfig.xml
[2009.01.26 16:10:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.01.26 16:08:59 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.10.22 06:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.06.11 02:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.06.11 02:03:26 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.05.30 16:50:44 | 000,945,160 | ---- | C] () -- C:\Users\Alt\MoveMediaPlayer_07100121.exe
[2008.05.25 20:49:42 | 000,408,576 | ---- | C] () -- C:\Windows\SysWow64\Smab.dll
[2008.05.25 20:49:42 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2008.05.25 20:49:29 | 000,027,648 | -HS- | C] () -- C:\Windows\SysWow64\Smab0.dll
[2008.03.23 15:02:21 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.03.08 16:23:30 | 001,283,968 | ---- | C] () -- C:\Users\Alt\octosetup_v_l_odd.exe
[2008.02.12 18:00:48 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{060a5077-d963-11dc-8da2-001a92dada5e}.TMContainer00000000000000000002.regtrans-ms
[2008.02.12 18:00:48 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{060a5077-d963-11dc-8da2-001a92dada5e}.TMContainer00000000000000000001.regtrans-ms
[2008.02.12 18:00:48 | 000,065,536 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{060a5077-d963-11dc-8da2-001a92dada5e}.TM.blf
[2008.02.01 19:47:51 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{afc2e927-d0af-11dc-8d55-001a92dada5e}.TMContainer00000000000000000002.regtrans-ms
[2008.02.01 19:47:51 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{afc2e927-d0af-11dc-8d55-001a92dada5e}.TMContainer00000000000000000001.regtrans-ms
[2008.02.01 19:47:51 | 000,065,536 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{afc2e927-d0af-11dc-8d55-001a92dada5e}.TM.blf
[2008.01.28 00:55:09 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini
[2007.11.10 19:10:24 | 000,358,279 | ---- | C] () -- C:\Users\Alt\pb.htm
[2007.11.10 19:10:21 | 000,000,000 | ---- | C] () -- C:\Users\Alt\pbsecsv.htm
[2007.11.10 19:10:21 | 000,000,000 | ---- | C] () -- C:\Users\Alt\pbsec.htm
[2007.11.10 19:10:05 | 000,000,082 | ---- | C] () -- C:\Users\Alt\pbuser.htm
[2007.11.10 19:09:46 | 000,005,527 | ---- | C] () -- C:\Users\Alt\eula.txt
[2007.11.10 19:09:45 | 000,009,297 | ---- | C] () -- C:\Users\Alt\pbgame.htm
[2007.10.12 23:06:23 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2007.10.04 15:47:33 | 000,000,091 | ---- | C] () -- C:\Users\Alt\AppData\Local\fusioncache.dat
[2007.10.03 19:53:52 | 001,491,338 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2007.08.15 23:09:09 | 009,679,828 | ---- | C] () -- C:\Users\Alt\vlc-0.8.6c-win32.exe
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Alt\AppData\Local\lame_enc.dll
[2007.08.05 03:34:27 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{d0a6c26c-42db-11dc-9940-001a92dada5e}.TMContainer00000000000000000002.regtrans-ms
[2007.08.05 03:34:27 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{d0a6c26c-42db-11dc-9940-001a92dada5e}.TMContainer00000000000000000001.regtrans-ms
[2007.08.05 03:34:27 | 000,065,536 | -HS- | C] () -- C:\Users\Alt\ntuser.dat{d0a6c26c-42db-11dc-9940-001a92dada5e}.TM.blf
[2007.08.05 00:45:43 | 000,024,226 | ---- | C] () -- C:\Users\Alt\AppData\Roaming\UserTile.png
[2007.08.01 18:08:24 | 006,051,840 | ---- | C] () -- C:\Users\Alt\icq5_1_german_setup.exe
[2007.06.17 22:22:39 | 007,582,994 | ---- | C] () -- C:\Users\Alt\Vent.rar
[2007.06.17 22:17:22 | 001,449,865 | ---- | C] () -- C:\Users\Alt\wrar370d.exe
[2007.06.17 18:02:17 | 000,172,032 | ---- | C] () -- C:\Users\Alt\hvdi.dll
[2007.06.17 18:02:17 | 000,151,552 | ---- | C] () -- C:\Users\Alt\libspeex.dll
[2007.06.17 02:14:09 | 000,000,023 | ---- | C] () -- C:\Windows\MegaManager.INI
[2007.06.16 18:14:53 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2007.06.16 15:23:47 | 000,130,560 | ---- | C] () -- C:\Users\Alt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.16 13:23:18 | 000,021,822 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2007.06.16 13:23:12 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.06.16 13:19:12 | 000,001,460 | ---- | C] () -- C:\Users\Alt\AppData\Local\d3d9caps64.dat
[2007.06.16 13:19:11 | 013,893,632 | -HS- | C] () -- C:\Users\Alt\ntuser.dat
[2007.06.16 13:19:11 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2007.06.16 13:19:11 | 000,524,288 | -HS- | C] () -- C:\Users\Alt\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2007.06.16 13:19:11 | 000,262,144 | -H-- | C] () -- C:\Users\Alt\ntuser.dat.LOG2
[2007.06.16 13:19:11 | 000,262,144 | -H-- | C] () -- C:\Users\Alt\ntuser.dat.LOG1
[2007.06.16 13:19:11 | 000,065,536 | -HS- | C] () -- C:\Users\Alt\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2007.06.16 13:19:11 | 000,000,020 | -HS- | C] () -- C:\Users\Alt\ntuser.ini
[2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Alt\AppData\Local\vorbisenc.dll
[2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Alt\AppData\Local\vorbisfile.dll
[2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Alt\AppData\Local\vorbis.dll
[2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Alt\AppData\Local\ogg.dll
[2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Alt\AppData\Local\no23xwrapper.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 451 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >

18.04.2010, 21:12   #4
seqizn

Thank you very much in advance!
Regards

Extras.Txt Log

OTL Extras logfile created on: 18.04.2010 22:06:14 - Run 1
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\Alt\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,19 Gb Total Space | 18,84 Gb Free Space | 16,08% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 191,56 Gb Free Space | 54,95% Space Free | Partition Type: NTFS
Drive E: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALT-PC
Current User Name: Alt
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- D:\Demos\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- D:\Demos\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- D:\Demos\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- D:\Demos\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = EB 69 88 6E C5 7F C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{558ADA68-63EF-47A1-812C-774D2FC1B3A8}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C0134-D718-4504-8AFF-CFF7820B6609}" = protocol=6 | dir=in | app=d:\d\games\bf2.exe |
"{00C3357A-1F13-4C77-8B95-00226A0B3C6E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{01D8DE56-D9E4-4195-896C-BF310C983ED7}" = protocol=17 | dir=in | app=d:\demos\utorrent.exe |
"{08E148FD-EE2D-4600-AA3D-942A3C268B15}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{10E6E9D6-A289-48F7-B77C-8F297C557DF4}" = protocol=17 | dir=in | app=d:\d\games\bf2.exe |
"{1657DE85-F789-41DB-AF88-CB3BDDEF9105}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\aolload.exe |
"{191917A4-387D-4A8C-B8CC-D866C5A92094}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{1C8330A4-9D9F-46C8-906B-CDFDD2B6F5FD}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |
"{1CBB2672-2C3D-4D21-B12C-5CC8F620A3D4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{1D2EA81D-7762-4401-8289-92E28D86D7BD}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{1E2593D1-8199-44DD-9B57-F99809661080}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{23E94CF2-C65D-483A-A9E8-FE01FB6EB7C0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{2B22697D-F592-4376-BE24-E323EAADEFE2}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{2D4A8CFF-B149-429C-B7FC-14C5999B1BA3}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{2E2680F7-15B4-4E90-B60D-7BE4DDC4AC1F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.1.0-engb-downloader.exe |
"{314A2863-5665-4910-ADBC-CF9EC826CAEE}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{3A84FACF-1E53-4229-A5A1-40653AA23DA4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{400364C6-3624-4690-99F6-4B262B4314BE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{420BBFFE-B252-4030-8CB1-21A9ACC4AF0F}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{46DDC878-73DD-4263-B85C-A1A77A08F0DF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{484743D7-F002-476D-A5FA-197D65940ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\aolload.exe |
"{4A1AD0E5-C504-47F5-93A2-A2AEC2CFCD3A}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{51222113-7E30-49EB-9195-8B2441C9371B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5431546A-7894-432C-9E66-4504C2F7CF24}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{5554AC47-4F27-45A7-B07C-DF863E378B50}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5C0D00B2-1CB6-40C7-8048-C2F17B653DB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{5EE7ED46-9113-49D1-9162-E24677B7B924}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{5F3BA9F9-EF2A-4C6F-B1C9-A666F9C24AB2}" = protocol=17 | dir=in | app=d:\kaneandlynch.exe |
"{611C65B4-76B2-4593-BF89-27F4CF6BB86F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{6140BB47-C4B3-421D-B540-12C84A11CB90}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{625FDE68-BD64-472B-A165-64C145BC4C59}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe |
"{6EA2F6EB-D762-4A58-844B-6F5FD45BFA88}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{6EC3B56F-C3FA-45B0-9450-060723BF0607}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6ED0E2F9-9D87-4B8F-B593-105C084B8F9D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6FA21880-33E6-45C4-9A2F-6E46F8DEFD8E}" = protocol=17 | dir=in | app=d:\grand theft auto iv\launchgtaiv.exe |
"{6FF6F509-7D91-4C78-9B42-533ACEB3E9A3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\aolload.exe |
"{72E0FF85-30E4-4848-9E39-DC0524038C5D}" = protocol=17 | dir=in | app=d:\beta\bfbc2betaupdater.exe |
"{797A6A56-ACD7-42A9-AF21-E8A1CEA56D90}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.1\aolload.exe |
"{7A1E68E4-431E-4C3E-AFF9-09210982D8AD}" = protocol=6 | dir=in | app=d:\grand theft auto iv\launchgtaiv.exe |
"{804E6364-7DC7-4B46-A49A-62C9993B1248}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{81361FD5-BA02-498A-9D51-9199DA44F059}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{8370602E-34C6-4700-B633-2AE2981BCAC2}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{89698B96-BF20-4E48-AB9D-FBDC18EACCBC}" = protocol=6 | dir=in | app=d:\kaneandlynch.exe |
"{8BD748DB-18D8-4524-89CB-4AB7C9E1499F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9012E75C-59AC-4127-80FA-0FEFF80AEC4D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{9424EE90-0C65-4909-B843-FBB9133C4BF5}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{979D81F7-516E-4EE5-85D1-7759F1421945}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.1\icq.exe |
"{A08CF2DF-A085-47A8-B369-D287E92D819D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{A08F378D-A2A4-4D45-94E7-837869799B52}" = protocol=6 | dir=in | app=d:\demos\utorrent.exe |
"{A1ECD2B6-5E8C-4C67-8EA8-61AEA3FCD998}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.3.9183-to-3.0.8.9464-engb-downloader.exe |
"{A2D32DC7-A8C4-4FA9-87E8-8C265248695D}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{A35476ED-B5B4-44CE-B594-D0C0CEDF71BE}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-engb-downloader.exe |
"{A6F26232-8FA9-4837-B8E8-773FEE264E9D}" = protocol=6 | dir=in | app=d:\demos\bfbc2updater.exe |
"{AD982B07-BBFA-4C75-A7D9-BC705D754C74}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis mp beta\bin32\crysis.exe |
"{ADF085BA-651D-4029-8CF9-A692AB53BF62}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{B4DC9930-F7A2-41F2-A1DD-F337E350FC0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B6A40176-D776-4FED-A657-52646D77E312}" = protocol=6 | dir=in | app=d:\rockstar games social club\rgsclauncher.exe |
"{B90D9A54-67C8-4A81-ACA8-424DBD884143}" = protocol=6 | dir=in | app=d:\beta\bfbc2betaupdater.exe |
"{BBB785DC-9DC0-4B1D-A0A7-D165A22F6E01}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
"{BE268549-BE91-47E7-B3A1-D537BEC5409C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.3.9183-to-3.0.8.9464-engb-downloader.exe |
"{BE7723D0-BEA5-417B-B4B6-E5387E0B54CA}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |
"{C2093446-B88E-428D-9CD3-33D3CA260692}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C2AC269F-3C4F-4BF6-87C5-DAE18DBFB55F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.1.0-engb-downloader.exe |
"{C66A65DD-D937-4ED3-9AAD-1642A4C91F21}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{D221B1F1-F725-443B-909F-EB66477B7763}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DAB2099C-B524-46F0-9591-1A7405A33399}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
"{DDF0DA78-9691-448C-BE1B-CF567F5461DD}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{E11D4A56-AEBE-4909-B6FE-6F6EAFB804C7}" = protocol=17 | dir=in | app=d:\rockstar games social club\rgsclauncher.exe |
"{E12849CA-1037-436F-A6B4-F6770D9C4696}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis mp beta\bin32\crysis.exe |
"{EC7211D6-63E2-406F-9F84-F54181D84B58}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{ED6E87CE-3E98-4696-8C1E-264DD21736ED}" = protocol=17 | dir=in | app=d:\demos\bfbc2updater.exe |
"{EDB33608-0745-427E-8A4C-EA96A04CAC98}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{F10C79E7-C3CE-44A0-B37C-3D34EF14D231}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{F4BC33AF-4CE4-4D6E-995E-647739716349}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F960D4F7-2260-4DB7-8CBA-D602C8B74B24}" = protocol=17 | dir=in | app=d:\itunes.exe |
"{FBBBA5F0-80EB-4ADD-ADAB-816D3BCB62B6}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe |
"TCP Query User{00401DEE-CACE-46F6-831C-B4DDBFFE8DB0}C:\program files (x86)\steam\steamapps\31072015\opposing force\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\opposing force\hl.exe |
"TCP Query User{05D088B4-59B7-4950-889D-0B74A5470DCD}C:\users\alt\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\alt\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{0C9F5F89-7F30-41F0-B689-39703991B600}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{0FD9136B-C5E0-4937-935A-830DCBB8A88A}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1485BD0D-156A-4B90-AFA1-FB8131296408}D:\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-dede-downloader.exe |
"TCP Query User{1A41FEC0-F88E-403C-B3A1-F3BB1AB6882F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{1B2FA7AE-3C13-4EA5-9FBD-65C903EF4D05}C:\program files (x86)\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files (x86)\napster\napster.exe |
"TCP Query User{1BC5EC32-8476-46B2-BCA0-AA6C1EA09C50}C:\users\alt\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\alt\program files (x86)\dna\btdna.exe |
"TCP Query User{244C9606-0955-48E4-A09A-0E4ED336A958}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"TCP Query User{267C0D4A-F8C4-4D53-A134-17E3AC93B4F4}C:\program files (x86)\steam\steamapps\slotcher1\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\slotcher1\counter-strike\hl.exe |
"TCP Query User{2E4A9E49-22F6-4975-AB0D-8E2776457CE4}D:\activision\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\activision\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{2F910FA9-5BD2-40B4-BBF8-4E4BC3FA98BF}D:\games & spam\steamapps\counterpart42\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\games & spam\steamapps\counterpart42\counter-strike\hl.exe |
"TCP Query User{322DF8DE-1F67-46A9-BD35-DB9650DC7AC3}D:\kane & lynch\kaneandlynch.exe" = protocol=6 | dir=in | app=d:\kane & lynch\kaneandlynch.exe |
"TCP Query User{4501B383-8261-44C2-8573-4A4029E46AD6}C:\program files (x86)\steam\steamapps\slotcher1\day of defeat\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\slotcher1\day of defeat\hl.exe |
"TCP Query User{559C2BF6-EAF1-40EB-B7E6-1935FB7BB605}D:\left 4 dead\left4dead\left4dead.exe" = protocol=6 | dir=in | app=d:\left 4 dead\left4dead\left4dead.exe |
"TCP Query User{59E2F42F-8E85-4335-9CDC-3F05CDC65235}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{5B965F18-C8C0-4198-91ED-A73A6472926D}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{609BABBB-F346-4CBA-A550-AE57F3D9B6DA}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{60AC4C5A-93FD-4F73-837E-D1665FE1BCA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{63DF3E6B-C2D4-4B59-A4E5-031116C9557F}D:\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\grand theft auto iv\gtaiv.exe |
"TCP Query User{66082121-1F80-4992-958C-DA8AEACFF326}C:\users\alt\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\alt\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{68B6E069-E88E-438E-8F6F-BE0D05C79DDB}D:\beta\bfbc2game.exe" = protocol=6 | dir=in | app=d:\beta\bfbc2game.exe |
"TCP Query User{6C88430E-DD7F-4F1A-9389-2C769F7AE64D}D:\demos\metin\metin2.bin" = protocol=6 | dir=in | app=d:\demos\metin\metin2.bin |
"TCP Query User{6FF6ABE4-E920-449B-84D2-E0E1A1C548A5}C:\program files (x86)\sierra\fear\fpupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fpupdate.exe |
"TCP Query User{710BEF8C-607D-4B8A-BBA8-6542C711BD49}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{72626FE5-82BB-4DD8-BC16-11AD694B7F9A}C:\program files (x86)\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\azureus\azureus.exe |
"TCP Query User{73DF8E52-5F78-4D94-8D44-DEE0705905EA}D:\demos\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=d:\demos\world of warcraft public test\launcher.exe |
"TCP Query User{7B978F68-0CC4-49C3-B818-ED19D0DC959A}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{7C71FC0D-9460-433E-8EFE-09D2C203D62B}C:\users\alt\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\alt\program files (x86)\dna\btdna.exe |
"TCP Query User{81972319-C33D-477D-ADF9-482D419EE79C}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{864D5D2E-ED71-455C-8CE1-7E4CFDA58EB8}C:\program files (x86)\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"TCP Query User{901F4CEF-8044-429C-B82E-E38082007999}C:\program files (x86)\steam\steamapps\31072015\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\counter-strike\hl.exe |
"TCP Query User{92692E94-6F41-4C44-9977-E9D4EDB6CA94}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{935B2C0E-6FB6-4EE5-98A8-DDEC86A5F4DB}C:\program files (x86)\steam\steamapps\31072015\team fortress classic\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\team fortress classic\hl.exe |
"TCP Query User{9580E5FC-080C-410A-89C5-D5DD08C935CA}C:\program files (x86)\steam\steamapps\stephan_prang@web.de\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\stephan_prang@web.de\counter-strike\hl.exe |
"TCP Query User{9FF90464-9D3F-4F6A-83B4-4BB57D1C2AB9}C:\program files (x86)\steam\steamapps\counterpart42\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\counterpart42\counter-strike\hl.exe |
"TCP Query User{ADC6FAD8-7AFE-4009-838F-8C5EE0F2B7B8}D:\demos\metin2.bin" = protocol=6 | dir=in | app=d:\demos\metin2.bin |
"TCP Query User{ADF0570E-8710-4C3E-86B0-26EE7062BEE8}C:\users\alt\appdata\local\temp\blizzard launcher temporary - 103133e0\launcher.exe" = protocol=6 | dir=in | app=c:\users\alt\appdata\local\temp\blizzard launcher temporary - 103133e0\launcher.exe |
"TCP Query User{B1207CA1-5BEC-4EBF-95A1-2C86A8F02D0D}D:\demos\bfbc2game.exe" = protocol=6 | dir=in | app=d:\demos\bfbc2game.exe |
"TCP Query User{B536BD96-2B1E-4E40-B8BD-90BBF0EC6044}D:\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe |
"TCP Query User{B56881A8-A6C3-4F7E-9850-9586DF791202}D:\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-engb-downloader.exe |
"TCP Query User{B64C1953-88EF-4220-9C83-9A25DB3E2EE5}D:\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-engb-downloader.exe |
"TCP Query User{C1C11A9C-63B0-4D68-B7C3-9BD12B4AD5EE}C:\users\alt\appdata\local\temp\blizzard launcher temporary - 81df1f08\launcher.exe" = protocol=6 | dir=in | app=c:\users\alt\appdata\local\temp\blizzard launcher temporary - 81df1f08\launcher.exe |
"TCP Query User{CBAAD9B9-BDA9-4639-8C44-E85FCD97A21A}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{CBF99E61-A2D4-4254-B5EE-619025B9192F}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{D3E45E83-6699-46C3-B44A-A71F651BC846}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{D7C74CE5-4037-4A30-A398-FE71667D3B5A}D:\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=d:\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{DD4C85CC-F662-498A-9388-F47E15F80928}C:\program files (x86)\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6\icq.exe |
"TCP Query User{E54342DC-B994-4EB8-918C-6220A7F0FB25}D:\demos\binaries\parabellumthegame.exe" = protocol=6 | dir=in | app=d:\demos\binaries\parabellumthegame.exe |
"TCP Query User{E5CEEFE1-35E4-45CC-AADF-F3EE05797D30}C:\program files (x86)\gamers.irc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamers.irc\mirc.exe |
"TCP Query User{E7A2478A-38E0-4785-A917-AAA3DE603858}D:\d\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-engb-downloader.exe" = protocol=6 | dir=in | app=d:\d\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-engb-downloader.exe |
"TCP Query User{E92B1688-0D6F-478A-ACFE-2B17167051FD}C:\program files (x86)\steam\steamapps\31072015\half-life blue shift\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\half-life blue shift\hl.exe |
"TCP Query User{F00168A2-039F-4A1C-8647-3D9299C290BA}C:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"TCP Query User{F35EA7B2-A7B8-4F68-B2B3-E7248714FA66}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"UDP Query User{0671E798-A315-401A-9556-FB28363C9497}C:\program files (x86)\steam\steamapps\slotcher1\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\slotcher1\counter-strike\hl.exe |
"UDP Query User{08C1A8DE-1B2A-435E-9F64-88915D21677B}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{12A87A13-C28E-4DB4-87E8-53DF2A69D33D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{13E98D6D-B559-42BA-9BBE-6CE537433D72}C:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"UDP Query User{18C6ED90-2C21-4CB7-AD15-F57633C2EE71}D:\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-engb-downloader.exe |
"UDP Query User{194195DA-091A-41FC-8EC4-108DC5626984}D:\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-engb-downloader.exe |
"UDP Query User{196EC21D-09AD-4301-9706-86C0D9F926A5}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{1C4214E6-8EBA-4F88-95E1-F0F3ACE2715A}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{211980D5-AD99-46EE-BBA4-DBCCE7E3131B}D:\demos\binaries\parabellumthegame.exe" = protocol=17 | dir=in | app=d:\demos\binaries\parabellumthegame.exe |
"UDP Query User{2289BA47-4320-43BC-9F49-8FB867423F17}C:\program files (x86)\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\azureus\azureus.exe |
"UDP Query User{23EF9636-E3BE-4558-8513-23E5FB1747E8}D:\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\grand theft auto iv\gtaiv.exe |
"UDP Query User{24AF84BB-F479-46EF-AF5E-F8E96C1CDAAA}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"UDP Query User{2C51EEC8-3381-4529-AA53-A6AAA257DC0B}C:\program files (x86)\sierra\fear\fpupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fpupdate.exe |
"UDP Query User{32660CFA-DD37-4D94-AE63-52BF552CFD98}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{34109888-79E8-4C2C-B497-D15B567B1AD7}C:\program files (x86)\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files (x86)\napster\napster.exe |
"UDP Query User{34900913-3C19-4A25-83D0-C9BE1C1D4E68}C:\program files (x86)\steam\steamapps\31072015\half-life blue shift\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\half-life blue shift\hl.exe |
"UDP Query User{389F3FA1-CDE5-443A-B2AF-62872663A699}C:\program files (x86)\steam\steamapps\31072015\team fortress classic\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\team fortress classic\hl.exe |
"UDP Query User{3ACD20EB-EADA-4A82-A3E5-51A31F56B2CC}D:\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=d:\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{4271CC0A-507A-47C9-8CC0-D71432F84D05}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{446A413F-F10C-4204-9584-500F91B85670}C:\program files (x86)\steam\steamapps\slotcher1\day of defeat\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\slotcher1\day of defeat\hl.exe |
"UDP Query User{4593C82E-192A-47A0-B6B0-CEBAFFE3E43B}C:\program files (x86)\steam\steamapps\counterpart42\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\counterpart42\counter-strike\hl.exe |
"UDP Query User{4B8C626F-5A04-4F55-AC8E-EDA9A8CEB1AD}C:\users\alt\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\alt\program files (x86)\dna\btdna.exe |
"UDP Query User{4D16831D-A6A4-4E5F-B434-EAF1E738A159}D:\games & spam\steamapps\counterpart42\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\games & spam\steamapps\counterpart42\counter-strike\hl.exe |
"UDP Query User{54667A78-494E-469B-9344-9F6857DB69F7}C:\users\alt\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\alt\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{58AF022F-9FC5-48FC-8DA0-56AA9AAAC406}C:\program files (x86)\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icqlite\icqlite.exe |
"UDP Query User{5FE3A9AE-40BC-4476-8047-F0601E2E9458}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{6531E2BC-2EA9-42A3-BB93-BC7FCBE07960}D:\beta\bfbc2game.exe" = protocol=17 | dir=in | app=d:\beta\bfbc2game.exe |
"UDP Query User{68044F6E-6F3E-4845-B4B9-57561BC3E100}D:\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-engb-downloader.exe |
"UDP Query User{6D01188E-6E1B-4375-BDDE-3C73992FFB8E}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"UDP Query User{7231DACA-D632-4508-ABF0-FE736E263101}D:\demos\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=d:\demos\world of warcraft public test\launcher.exe |
"UDP Query User{7442F811-7E3D-4066-9768-B24B6546D6C8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{7ADC524E-FDE2-43C9-A5C2-9958AC222628}C:\users\alt\appdata\local\temp\blizzard launcher temporary - 81df1f08\launcher.exe" = protocol=17 | dir=in | app=c:\users\alt\appdata\local\temp\blizzard launcher temporary - 81df1f08\launcher.exe |
"UDP Query User{7B23952C-D738-405F-B8F9-6F47E8ECD1FC}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{7D2F592B-B1FE-4155-AEC9-34E22E7AC04F}D:\left 4 dead\left4dead\left4dead.exe" = protocol=17 | dir=in | app=d:\left 4 dead\left4dead\left4dead.exe |
"UDP Query User{8376C83D-D947-4DD1-94FD-859001919CB5}D:\demos\metin2.bin" = protocol=17 | dir=in | app=d:\demos\metin2.bin |
"UDP Query User{8921F1C5-EB5F-4AA0-A876-6C024DEBE7AB}D:\demos\bfbc2game.exe" = protocol=17 | dir=in | app=d:\demos\bfbc2game.exe |
"UDP Query User{927F7FD4-708E-4C99-B1EE-77AA4FAB2DFB}C:\program files (x86)\steam\steamapps\stephan_prang@web.de\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\stephan_prang@web.de\counter-strike\hl.exe |
"UDP Query User{9D02BCF5-D9D8-40B8-A506-14F017A127E0}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{BB957183-D1A2-49C9-A2F9-AB8AED1CCBA6}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{BF4418E4-DB28-41CC-9AC1-AD132BA0DD9F}C:\program files (x86)\steam\steamapps\31072015\opposing force\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\opposing force\hl.exe |
"UDP Query User{C0ED8151-043B-46EE-B3D4-8696E71A2CCF}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{C1E8C2F0-24DB-4950-9D3A-638484C3F3A7}C:\program files (x86)\gamers.irc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamers.irc\mirc.exe |
"UDP Query User{C4B3CC73-96E2-49F6-B9D2-23D4D8CBE29B}C:\program files (x86)\steam\steamapps\31072015\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\31072015\counter-strike\hl.exe |
"UDP Query User{C94420AF-E29E-477A-AC8D-415EE6A4EDC5}C:\users\alt\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\alt\program files (x86)\dna\btdna.exe |
"UDP Query User{CAEE7182-B5AC-41EC-BDC9-6D9CC61D5F91}D:\d\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-engb-downloader.exe" = protocol=17 | dir=in | app=d:\d\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-engb-downloader.exe |
"UDP Query User{CE628D93-49B2-44F1-883C-44DE658319BE}D:\demos\metin\metin2.bin" = protocol=17 | dir=in | app=d:\demos\metin\metin2.bin |
"UDP Query User{D10E235B-FCCE-495E-A9C1-14FEE25D69B3}D:\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-dede-downloader.exe |
"UDP Query User{D1C458EF-6CE9-4029-8AD9-C4045E40B34E}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{D63C9373-8290-46F3-BC99-11E5A03F325C}D:\kane & lynch\kaneandlynch.exe" = protocol=17 | dir=in | app=d:\kane & lynch\kaneandlynch.exe |
"UDP Query User{DBE1B4E2-5478-4A0D-B9B4-28346B6C652B}D:\activision\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\activision\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{DBE85630-4638-4971-A9D5-EB3B438C70AE}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{EC335B64-EC21-4E5C-94C4-1CF1CE97641D}C:\users\alt\appdata\local\temp\blizzard launcher temporary - 103133e0\launcher.exe" = protocol=17 | dir=in | app=c:\users\alt\appdata\local\temp\blizzard launcher temporary - 103133e0\launcher.exe |
"UDP Query User{F9BC223F-D86C-4074-820D-AF28B646B5A6}C:\program files (x86)\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6\icq.exe |
"UDP Query User{FCB15C55-F0C4-40B3-92DD-D901E640A2FC}C:\users\alt\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\alt\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C9C243B9-03BD-44BA-A592-AB09630AE2D2}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F78D5B74-2B10-4D99-B0D5-13FE1A4E0AFE}" = Sony Ericsson PC Suite x64
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5894CCB4-3C86-4483-B5F8-279AD4B0B7C5}" = Parabellum Beta
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin
"{A20A58C4-6784-4B4B-86CC-94E2E3671031}" = Nero 7 Essentials
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{BACBC990-8681-4D00-9227-F3A32123BB7A}" = Half-Life(R)
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D53A3D44-C983-4D21-ABF6-2AA2AB88FB28}" = Battlefield Bad Company 2 - BETA
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{EA0B63C1-E579-43DD-A5F7-0DA5E9092554}" = CryEngine(R)2 Sandbox(TM)2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client Public Beta 1.1.6
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DivX Setup.divx.com" = DivX-Setup
"EADM" = EA Download Manager
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Gamers.IRC" = Gamers.IRC 4.42
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"IrfanView" = IrfanView (remove only)
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mIRC" = mIRC
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"RivaTuner" = RivaTuner v2.22
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Spyware Terminator_is1" = Spyware Terminator
"Steam App 10" = Counter-Strike
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SUPER ©" = SUPER © Version 2008.bld.30 (Mar 22, 2008)
"SystemRequirementsLab" = System Requirements Lab
"Tales of Pirates Online_is1" = Tales of Pirates Online 1.36
"Uninstall_is1" = Uninstall 1.0.0.0
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"XTTB00001.XTTB00001Toolbar" = ICQ Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Steam App 30" = Day of Defeat
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06.02.2010 12:13:29 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 12:23:48 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 13:38:32 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 13:48:33 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 13:56:26 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 13:59:02 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 14:36:14 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 14:42:01 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 06.02.2010 14:50:55 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

Error - 12.02.2010 13:40:29 | Computer Name = Alt-PC | Source = RasClient | ID = 20227
Description =

[ Media Center Events ]
Error - 16.04.2008 16:57:57 | Computer Name = Alt-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.

[ System Events ]
Error - 17.04.2010 12:41:51 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 17.04.2010 13:14:40 | Computer Name = Alt-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ProgramData\Spyware
Terminator\FileObjInfo.sys nicht geladen. Wenden Sie sich an den Softwarehersteller,
um eine kompatible Version des Treibers zu erhalten.

Error - 17.04.2010 13:14:41 | Computer Name = Alt-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ProgramData\Spyware
Terminator\FileObjInfo.sys nicht geladen. Wenden Sie sich an den Softwarehersteller,
um eine kompatible Version des Treibers zu erhalten.

Error - 17.04.2010 15:20:00 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7016
Description =

Error - 18.04.2010 07:31:08 | Computer Name = Alt-PC | Source = HTTP | ID = 15016
Description =

Error - 18.04.2010 07:31:45 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 18.04.2010 07:31:45 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 18.04.2010 08:48:13 | Computer Name = Alt-PC | Source = HTTP | ID = 15016
Description =

Error - 18.04.2010 08:48:59 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 18.04.2010 08:48:59 | Computer Name = Alt-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
