Plagegeister aller Art und deren Bekämpfung: Skype Virus
Windows 7

If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
05.09.2010, 08:24 | #1 |
Skype Virus

Hello, yesterday I received a link from a friend in Skype, with photo "Link". I opened it and an MSN page came up. Since then my PC has been going crazy: Skype keeps opening and my mouse has become very slow. I ran Spybot and AntiVir; they found 4 viruses, which I deleted. Now I have read a post here that describes exactly my problem, and I did what the post said. I cannot send the GMER log because my PC always crashes on it, even in Safe Mode.

One more thing about the virus: it started with Skype constantly opening and closing, but it never forwarded the link. After a restart it had made the mouse slower, activated my Internet add-ons and changed things, for example so that when I pressed "W" my browser closed.

Please help quickly.

The logs

defogger

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:47 on 04/08/2010 (Björn)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Last edited by chrash (05.09.2010 at 08:37)
05.09.2010, 08:25 | #2 |
Skype Virus
Malwarebytes Log

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

04.08.2010 16:46:50
mbam-log-2010-08-04 (16-46-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 120415
Laufzeit: 6 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\uvc7jk640c (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
05.09.2010, 08:27 | #3 |
Skype Virus
Malwarebytes Log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

04.08.2010 16:46:50
mbam-log-2010-08-04 (16-46-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 120415
Laufzeit: 6 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\uvc7jk640c (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
05.09.2010, 08:30 | #4 |
Skype Virus
OTL Log

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 05.08.2010 01:13:12 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Björn\Desktop\MFTools Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 454,56 Gb Total Space | 155,09 Gb Free Space | 34,12% Space Free | Partition Type: NTFS Drive D: | 11,20 Gb Total Space | 1,84 Gb Free Space | 16,46% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BJÖRN-PC Current User Name: Björn Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010.08.04 16:24:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Björn\Desktop\MFTools\OTL.exe PRC - [2010.08.03 20:46:32 | 000,063,488 | RHS- | M] () -- C:\Users\Public\nvsvc32.exe PRC - [2010.07.14 17:25:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2010.06.21 10:09:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010.03.30 12:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010.02.04 14:57:44 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.05.27 18:26:07 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2009.02.27 16:10:18 | 000,299,008 | ---- | M] () -- C:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe PRC - [2009.02.09 18:14:02 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2009.02.09 18:14:02 | 000,116,096 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2009.02.09 18:13:36 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008.09.25 19:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008.09.25 19:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe PRC - [2008.09.23 12:18:52 | 000,365,904 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe PRC - [2008.09.11 13:52:52 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe PRC - [2008.06.27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe PRC - [2008.06.16 08:03:20 | 000,075,008 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.01.21 04:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2007.04.19 16:45:10 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe PRC - [2007.04.19 16:44:12 | 000,058,288 | ---- | M] (Lexmark International, Inc.) 
-- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe PRC - [2007.04.19 16:43:42 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe PRC - [2006.11.02 14:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe ========== Modules (SafeList) ========== MOD - [2010.08.04 16:24:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Björn\Desktop\MFTools\OTL.exe MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.05.11 16:51:12 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.03.30 12:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.02.04 14:57:44 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2009.02.09 18:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2009.02.09 18:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008.09.23 12:18:52 | 000,365,904 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008.09.11 13:52:52 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV) SRV - [2008.06.27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters) SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) 
[On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.04.19 16:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.12.12 03:55:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.11.08 20:50:42 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.11.08 20:50:42 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.08.28 02:48:58 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.10.22 06:50:46 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.10.22 06:50:46 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.10.22 06:50:46 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008.09.26 03:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2008.09.13 09:13:00 | 007,391,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.09.11 13:54:44 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.08.29 01:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.08.06 05:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.07.22 17:42:34 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.07.21 12:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008.04.29 03:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008.04.15 09:05:58 | 000,011,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mo3Fltr.sys -- (Mo3Fltr) DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008.01.18 13:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006.11.02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.) 
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.14 17:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.14 17:27:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.14 17:29:52 | 000,000,000 | ---D | M] [2010.02.20 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\mozilla\Extensions [2010.08.04 21:46:06 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions [2010.05.31 20:44:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.20 11:39:56 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\conduit.xml [2010.08.02 20:32:11 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-1.xml [2010.06.21 10:11:12 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-2.xml [2010.08.04 10:54:11 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-3.xml [2010.05.29 11:14:06 | 000,001,056 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin.xml [2010.08.04 16:03:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010.08.04 16:03:59 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.06.02 12:20:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.) 
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4 - HKLM..\Run: [SteelSeries World of Warcraft MMO Gaming Mouse] C:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe () O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation) O4 - HKCU..\Run: [AARC] C:\Users\Björn\Documents\System\update.exe File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found O4 - HKCU..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe () O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - Startup: C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html () O8 - Extra context menu item: Alle &Filme mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: 
{784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.36.0.cab (Battlefield Heroes Updater) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Björn\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Björn\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2010.08.04 16:27:50 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010.08.04 16:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2010.08.04 16:25:41 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Malwarebytes [2010.08.04 16:25:30 | 000,038,224 | ---- | C] 
(Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.08.04 16:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.08.04 16:25:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.08.04 16:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010.08.04 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\MFTools [2010.08.04 16:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010.08.04 16:03:24 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010.08.04 15:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.08.04 15:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010.08.03 20:46:47 | 000,000,000 | ---D | C] -- C:\Users\Björn\Documents\Meine empfangenen Dateien [2010.08.01 22:19:09 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll [2010.08.01 22:19:09 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll [2010.08.01 22:19:05 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2010.08.01 22:19:05 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll [2010.08.01 22:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5 [2010.08.01 21:59:37 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Youtube Downloader HD [2010.08.01 21:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Youtube Downloader HD [2010.08.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Winload [2010.07.31 19:12:20 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\SteelSeries [2010.07.31 19:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\SteelSeries [2010.07.14 17:30:28 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Local\Real [2010.07.14 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared 
[2010.07.14 17:25:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010.07.13 21:41:03 | 000,000,000 | ---D | C] -- C:\Fraps [2010.07.09 18:36:37 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\WeGame [2010.07.06 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Publish Providers [2010.07.06 13:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2010.07.06 13:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010.07.06 13:07:36 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Sony [2010.07.06 13:07:36 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Local\Sony [2010.07.05 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Movie [2010.07.05 23:03:50 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Xfire [2010.07.05 23:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2010.07.05 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire [2010.06.30 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Björn\Documents\BioWare [2010.06.30 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mass Effect 2 [2010.06.30 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare [2010.06.23 18:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2010.06.22 20:02:07 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\vlc [2010.06.21 21:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade [2010.06.20 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Machinim [2010.06.20 11:50:01 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Old School [2010.06.20 11:39:55 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.15 18:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Beta [2010.05.26 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\DivX [2010.05.26 10:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage 
Engine [2010.05.26 09:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2010.05.26 09:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010.05.26 09:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.05.21 20:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar [2010.05.21 20:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2010.05.21 20:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2 [2010.05.19 09:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2010.05.11 13:12:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2009.06.07 12:06:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll [2009.06.07 12:06:38 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll [2009.06.07 12:06:38 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll [2009.06.07 12:06:38 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll [2009.06.07 12:06:38 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll [2009.06.07 12:06:38 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll [2009.06.07 12:06:38 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll [2009.06.07 12:06:37 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll [2009.06.07 12:06:37 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll [2009.06.07 12:06:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll [2009.06.07 12:06:36 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll [2009.06.07 12:06:36 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll [2002.01.14 19:30:34 | 021,823,560 | ---- | C] (Microsoft) -- C:\Program Files\dotnetfx.exe ========== Files - Modified Within 90 Days ========== [2010.08.05 01:14:48 | 000,967,410 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.05 01:14:48 | 000,699,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.05 01:14:48 | 
000,235,002 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.05 01:14:48 | 000,203,114 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.05 01:14:48 | 000,005,548 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.05 01:13:06 | 005,767,168 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT [2010.08.05 01:09:43 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.08.05 01:08:33 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.05 01:08:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.05 01:08:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.05 01:08:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.05 01:08:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.05 01:08:04 | 3186,577,408 | -HS- | M] () -- C:\hiberfil.sys [2010.08.05 01:08:03 | 161,709,401 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.08.04 22:53:56 | 000,524,288 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.08.04 22:53:56 | 000,065,536 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.08.04 22:53:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.08.04 22:53:40 | 002,556,435 | -H-- | M] () -- C:\Users\Björn\AppData\Local\IconCache.db [2010.08.04 22:08:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.04 16:47:49 | 000,000,176 | ---- | M] () -- C:\Users\Björn\defogger_reenable [2010.08.04 16:27:27 | 000,000,873 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2010.08.04 16:27:23 | 000,000,674 | ---- | M] () -- C:\Users\Björn\Desktop\ERUNT.lnk 
[2010.08.04 16:25:33 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 16:24:49 | 000,050,477 | ---- | M] () -- C:\Users\Björn\Desktop\defogger.exe [2010.08.04 16:24:48 | 000,284,915 | ---- | M] () -- C:\Users\Björn\Desktop\Gmer.zip [2010.08.04 16:03:29 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.04 15:49:08 | 000,001,015 | ---- | M] () -- C:\Users\Björn\Desktop\Spybot - Search & Destroy.lnk [2010.08.04 13:58:01 | 000,000,797 | ---- | M] () -- C:\Users\Björn\Documents\Meine freigegebenen Ordner.lnk [2010.08.04 10:36:29 | 000,316,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.01 21:59:33 | 000,000,872 | ---- | M] () -- C:\Users\Björn\Desktop\Youtube Downloader HD.lnk [2010.08.01 21:20:27 | 000,076,224 | ---- | M] () -- C:\Users\Björn\AppData\Local\GDIPFONTCACHEV1.DAT [2010.07.29 20:56:24 | 000,000,190 | ---- | M] () -- C:\Windows\lexstat.ini [2010.07.29 12:26:57 | 000,001,666 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\wklnhst.dat [2010.07.28 15:25:14 | 000,001,032 | ---- | M] () -- C:\Users\Björn\Desktop\DVDVideoSoft Free Studio.lnk [2010.07.15 20:21:05 | 000,001,740 | ---- | M] () -- C:\Users\Public\Desktop\Ultimate-Coop.lnk [2010.07.15 19:21:35 | 000,138,168 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.07.15 19:20:18 | 000,189,472 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2010.07.14 17:28:04 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.07.14 17:25:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010.07.13 21:48:59 | 000,041,472 | ---- | M] () -- C:\Users\Björn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.13 21:41:05 | 000,000,514 | ---- | M] () -- C:\Users\Björn\Desktop\Fraps.lnk [2010.07.12 15:11:39 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.07.11 23:18:25 | 000,001,432 | ---- | M] () -- C:\Users\Björn\Desktop\DivX 
Movies.lnk [2010.07.11 23:17:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010.07.09 21:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll [2010.07.06 16:13:07 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.07.05 23:03:45 | 000,000,760 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.07.04 02:44:59 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Fetch.job [2010.07.03 13:44:46 | 000,000,825 | ---- | M] () -- C:\Users\Björn\Desktop\World of Warcraft.lnk [2010.07.02 12:45:02 | 000,000,206 | ---- | M] () -- C:\Users\Björn\Desktop\CD-Laufwerk - Verknüpfung.lnk [2010.06.22 20:00:58 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.06.22 19:57:34 | 019,473,201 | ---- | M] () -- C:\Users\Björn\Documents\vlc-1.1.1-win32.exe [2010.06.15 20:03:15 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft Beta.lnk [2010.06.10 13:46:22 | 000,012,288 | ---- | M] () -- C:\Users\Björn\Desktop\Gericht.wps [2010.05.26 10:05:33 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2010.05.21 15:26:37 | 000,029,398 | ---- | M] () -- C:\Users\Björn\Documents\ts3_clientui-win32-11239-2010-05-21 15_26_33.711000.dmp [2010.05.15 00:25:22 | 043,219,440 | ---- | M] () -- C:\Users\Björn\Desktop\Stevinho_2010_05_14_23_25_15.mp3 [2010.05.14 23:13:33 | 138,569,583 | ---- | M] () -- C:\Users\Björn\Desktop\Stevinho_2010_05_14_20_00_35.mp3 ========== Files Created - No Company Name ========== [2010.08.05 01:08:04 | 3186,577,408 | -HS- | C] () -- C:\hiberfil.sys [2010.08.04 16:58:56 | 000,293,376 | ---- | C] () -- C:\Users\Björn\Desktop\gmer.exe [2010.08.04 16:47:34 | 000,000,176 | ---- | C] () -- C:\Users\Björn\defogger_reenable [2010.08.04 16:27:27 | 000,000,873 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2010.08.04 16:27:23 | 000,000,674 | ---- | 
C] () -- C:\Users\Björn\Desktop\ERUNT.lnk [2010.08.04 16:25:33 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 16:24:49 | 000,050,477 | ---- | C] () -- C:\Users\Björn\Desktop\defogger.exe [2010.08.04 16:24:48 | 000,284,915 | ---- | C] () -- C:\Users\Björn\Desktop\Gmer.zip [2010.08.04 16:03:29 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.04 15:49:08 | 000,001,015 | ---- | C] () -- C:\Users\Björn\Desktop\Spybot - Search & Destroy.lnk [2010.08.04 13:58:01 | 000,000,797 | ---- | C] () -- C:\Users\Björn\Documents\Meine freigegebenen Ordner.lnk [2010.08.01 22:19:05 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.08.01 21:59:33 | 000,000,872 | ---- | C] () -- C:\Users\Björn\Desktop\Youtube Downloader HD.lnk [2010.07.31 19:10:29 | 000,011,136 | ---- | C] () -- C:\Windows\System32\drivers\Mo3Fltr.sys [2010.07.15 20:21:05 | 000,001,740 | ---- | C] () -- C:\Users\Public\Desktop\Ultimate-Coop.lnk [2010.07.14 17:28:04 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.07.13 21:41:05 | 000,000,514 | ---- | C] () -- C:\Users\Björn\Desktop\Fraps.lnk [2010.07.11 23:17:36 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.07.05 23:03:45 | 000,000,760 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.07.02 12:45:02 | 000,000,206 | ---- | C] () -- C:\Users\Björn\Desktop\CD-Laufwerk - Verknüpfung.lnk [2010.06.22 20:00:58 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.06.22 19:57:02 | 019,473,201 | ---- | C] () -- C:\Users\Björn\Documents\vlc-1.1.1-win32.exe [2010.06.20 11:39:40 | 000,001,032 | ---- | C] () -- C:\Users\Björn\Desktop\DVDVideoSoft Free Studio.lnk [2010.06.15 20:03:54 | 000,003,842 | ---- | C] () -- C:\ProgramData\driverinfo.txt [2010.06.15 18:45:17 | 000,001,008 | ---- | C] () -- 
C:\Users\Public\Desktop\World of Warcraft Beta.lnk [2010.06.09 14:02:07 | 000,012,288 | ---- | C] () -- C:\Users\Björn\Desktop\Gericht.wps [2010.05.26 10:06:17 | 000,001,432 | ---- | C] () -- C:\Users\Björn\Desktop\DivX Movies.lnk [2010.05.26 10:05:33 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2010.05.21 15:26:33 | 000,029,398 | ---- | C] () -- C:\Users\Björn\Documents\ts3_clientui-win32-11239-2010-05-21 15_26_33.711000.dmp [2010.05.11 13:12:30 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.01.14 21:52:45 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll [2010.01.14 21:52:44 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll [2010.01.14 20:30:08 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe [2010.01.13 19:27:18 | 000,000,039 | ---- | C] () -- C:\Windows\dellstat.ini [2010.01.13 16:22:31 | 000,000,190 | ---- | C] () -- C:\Windows\lexstat.ini [2009.11.30 01:46:32 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll [2009.11.28 22:41:18 | 000,138,168 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.11.28 22:41:18 | 000,138,056 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\PnkBstrK.sys [2009.11.08 19:22:21 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.11.08 19:22:21 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.11.04 14:01:45 | 000,001,666 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\wklnhst.dat [2009.11.03 21:46:03 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.09.30 12:45:19 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2009.09.30 12:45:19 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009.05.30 23:39:35 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll 
[2009.05.30 23:39:35 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009.05.30 23:39:35 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2009.05.30 22:49:48 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.05.26 20:44:44 | 000,041,472 | ---- | C] () -- C:\Users\Björn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.05.25 21:38:25 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.05.25 21:38:20 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\QSwitch.txt [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\DSwitch.txt [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\AtStart.txt [2009.03.13 10:47:56 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009.03.13 10:47:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009.03.13 10:47:26 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009.03.13 10:46:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009.03.13 10:45:08 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2008.10.21 22:42:19 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2008.10.21 22:38:30 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2008.10.21 22:37:14 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2008.10.21 22:36:19 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- 
C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.02.07 18:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini [2007.01.22 10:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.06.07 14:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll [2006.03.27 13:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll [2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006.03.07 12:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll [2006.01.30 21:42:22 | 000,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini [2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll [2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll ========== LOP Check ========== [2010.01.12 03:42:35 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\.minecraft [2009.05.26 17:00:27 
| 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Acreon [2010.07.29 10:58:56 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\BitComet [2009.09.05 01:02:04 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2009.12.13 05:38:34 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\DAEMON Tools Lite [2010.06.20 11:39:55 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers [2009.08.04 04:17:31 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\FloodLightGames [2010.07.30 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\ICQ [2009.08.04 01:20:33 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2009.06.05 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2009.08.10 01:22:36 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\muvee Technologies [2009.09.30 12:48:39 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\PC Suite [2009.05.28 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\PlayFirst [2010.07.06 14:06:03 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Publish Providers [2009.09.30 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Samsung [2010.07.06 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Sony [2009.08.04 03:02:53 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\SPORE Creature Creator [2010.07.31 19:12:20 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\SteelSeries [2009.11.04 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Template [2010.07.17 00:19:32 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\TS3Client [2009.07.20 18:08:51 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Ubisoft [2010.07.09 18:36:37 | 000,000,000 | ---D | M] -- 
C:\Users\Björn\AppData\Roaming\WeGame [2009.05.25 23:57:38 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\WildTangent [2009.11.09 00:17:44 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\XRay Engine [2010.08.01 22:05:37 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Youtube Downloader HD [2010.07.04 02:44:59 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job [2010.08.04 22:53:50 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 492 bytes -> C:\ProgramData\Temp:05EE1EEF < End of report > |
05.09.2010, 08:30 | #5 |
| Skype Virus Extra Log OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 05.08.2010 01:13:12 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Björn\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,56 Gb Total Space | 155,09 Gb Free Space | 34,12% Space Free | Partition Type: NTFS
Drive D: | 11,20 Gb Total Space | 1,84 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BJÖRN-PC
Current User Name: Björn
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{041B8753-2D8A-4881-8587-945DCEF6EEE7}" = lport=65535 | protocol=6 | dir=in | name=bitcomet | "{04552F0C-EDB8-4235-BE3A-FB8B50DA5C89}" = lport=50003 | protocol=6 | dir=in | name=wowdownlaoder | "{0F4F0AA6-F924-4234-9FA0-31371FC7074A}" = lport=8098 | protocol=6 | dir=in | name=hdr sum 2 adh11 | "{1CD665DB-F21E-434B-B32A-A9E0A2CA8FD1}" = lport=60001 | protocol=6 | dir=in | name=bitcomet1 | "{31AB2683-B441-4F70-9FC9-7EB3E336EDA7}" = lport=60004 | protocol=6 | dir=in | name=bitcomet5 | "{371032DF-C1AA-4F6E-938D-CF12416A60D0}" = lport=50005 | protocol=6 | dir=in | name=wowdownlaoder | "{3FC93E87-F242-4973-8F99-D76B664E2549}" = rport=138 | protocol=17 | dir=out | app=system | "{46148B60-9FA4-4F28-8DA5-539371B4B02E}" = rport=139 | protocol=6 | dir=out | app=system | "{4B84621C-4A34-49AE-A9B2-AE3FA9843B71}" = lport=8093 | protocol=6 | dir=in | name=hdr sum 2 adh6 | "{58582F40-2E10-4CA3-9A6C-540708655577}" = lport=8097 | protocol=6 | dir=in | name=hdr sum 2 adh10 | "{5869D978-0B63-4CC4-B39B-735CE86D4A2B}" = lport=8092 | protocol=6 | dir=in | name=hdr sum 2 adh5 | "{5D0E98E4-710B-4885-B559-3B1C3B69336C}" = lport=137 | protocol=17 | dir=in | app=system | "{635627B0-268E-40E0-935A-EC73B797C492}" = lport=3724 | protocol=6 | dir=in | name=wow | "{640CA683-E858-4075-B378-067032EE2AFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{67EC2063-44E0-48CA-B36C-434BA98AD1FD}" = lport=60000 | protocol=6 | dir=in | name=bitcomet2 | "{73200B60-7BEC-44A7-AC35-661B4AA378C5}" = lport=60005 | protocol=6 | dir=in | name=bitcomet | "{77677EC5-EC6F-49C5-A91B-3A941F0B2C8A}" = lport=8095 | protocol=6 | dir=in | name=hdr sum 2 adh8 | "{7E69BF62-161B-472B-9932-6D9BC3064200}" = lport=12027 | protocol=6 | dir=in | name=bitcomet | "{90129A70-ACED-4F9A-9A4A-A990C60C2F9E}" = rport=445 | protocol=6 | dir=out | app=system | "{961F06DC-B54A-4E8E-AA1E-0F5A0F586209}" = lport=50002 | protocol=6 | dir=in | name=wowdownlaoder | 
"{9E726FF2-61E7-405D-B0F7-567306735964}" = lport=50000 | protocol=6 | dir=in | name=wowdownlaoder | "{A2CB6567-3CA6-4862-9EF9-E2375A02D59B}" = lport=50001 | protocol=6 | dir=in | name=wowdownlaoder | "{A4A9E3A7-FDFC-4FCA-A464-DD00EF29071F}" = lport=8089 | protocol=6 | dir=in | name=hdr sum 2 adh1 | "{A5757777-D0EB-4D5D-9644-3D866FC6D7DF}" = lport=8090 | protocol=6 | dir=in | name=hdr sum 2 adh3 | "{A680725F-D614-4DA4-A46B-4577E264BEAD}" = lport=6112 | protocol=6 | dir=in | name=wow1 | "{B1C59F8A-EE62-43D6-B29D-FEDE353C451C}" = lport=50004 | protocol=6 | dir=in | name=wowdownlaoder | "{B67F0ACD-0C3B-4D79-86C1-A185142B4EC8}" = lport=139 | protocol=6 | dir=in | app=system | "{B9BBA7E4-A2A3-4B1A-A2C2-6FA3A51B9BB2}" = lport=60003 | protocol=6 | dir=in | name=bitcomet4 | "{CF9DE968-3EE6-421A-B999-A2542E62D4C4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D493AAC1-73D3-4284-9387-3DDC26C95BD7}" = lport=8096 | protocol=6 | dir=in | name=hdr sum 2 adh9 | "{D62D89C6-FCDD-4099-AEFF-10AEE4199FBE}" = lport=21021 | protocol=6 | dir=in | name=bitvomet2 | "{D8236EBD-92F6-4EAF-9BBA-38804EFD5CBE}" = lport=8091 | protocol=6 | dir=in | name=hdr sum 2 adh4 | "{DA5C7B44-C38C-4943-A9B3-9ECC6A670E48}" = lport=138 | protocol=17 | dir=in | app=system | "{DCB4378C-F25B-4F1C-8993-5BE9F30CEED2}" = rport=137 | protocol=17 | dir=out | app=system | "{E001DD58-17D0-402C-8AD4-72D183AF5A10}" = lport=8100 | protocol=6 | dir=in | name=hdr sum 2 adh13 | "{EB8CAABC-6386-4856-97B2-94B3D6FB436D}" = lport=8099 | protocol=6 | dir=in | name=hdr sum 2 adh12 | "{EDAE20C6-2270-4F60-88BF-A8EFEADCE297}" = lport=60002 | protocol=6 | dir=in | name=bitcomet3 | "{F092318A-F12A-47A8-8199-72DABC0A5C91}" = lport=445 | protocol=6 | dir=in | app=system | "{F19239FC-3A5C-41B3-85B2-23D4BB70AE36}" = lport=8094 | protocol=6 | dir=in | name=hdr sum 2 adh7 | "{F59FCC13-0818-490C-867D-6562C70E9688}" = lport=8088 | protocol=6 | dir=in | name=hdr sum 2 adh | ========== Vista Active 
Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0290123C-6247-42B7-93C2-365D77A19A3F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{03FD839C-8A85-4F93-B215-A6472E3685F5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{072BA6D8-E63B-4C03-9B42-60CAFA677E44}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{08178135-8B98-4450-BFD1-4470BDFC1A92}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{0BA57BBB-E036-48F2-9D7C-89BEC2B9DD57}" = protocol=17 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat | "{0DAF7D01-9AC0-4342-BB16-587021CE1EE0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{102EA5BB-BCCD-439F-AE15-3D7CD5AF2CFC}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe | "{14D7B948-3BCF-4C2E-B123-EB1982736704}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{1536F827-89AB-4029-950C-D5B1F5964D29}" = protocol=6 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\deathmatch classic\hl.exe | "{172FB860-2EA2-415E-94AD-D2C28BC12500}" = dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat | "{1AF30E7B-B762-42A7-8A81-09D9C2879FFD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe | "{1E7D581E-A217-4B4F-B420-8F187E67191F}" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\launcher.exe | "{1ECCB3D7-145B-4A8D-8A16-BC5340363D46}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{1ECE8C64-08F1-4E9D-A60F-D62111BDC069}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe | "{2321EB84-3FB3-4D7A-A630-E7E55B69ACD0}" = protocol=17 | dir=in | 
app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | "{23920524-D9B6-4D66-980F-E548FE9E1DFE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{2628E076-5CDB-43AC-A89B-95F4D3E54316}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{282A505F-B637-473D-BF27-BD868816EE98}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | "{2DA0D189-3ADD-4191-9D1B-926301DA1086}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{3161B4B9-AE3D-4BB3-9156-33598731AAE9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{321D783F-5AB2-491B-84D2-FA2DFF505EC4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{381C1CCC-EF70-4B20-B71F-1BB0DD1F63C9}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe | "{3FBB468F-A1DC-466F-98AD-987985412BFD}" = protocol=6 | dir=in | app=c:\windows\system32\lxczcoms.exe | "{425ED314-7CBF-4E95-A3D0-C3F137E99D79}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{445F88B9-DD95-43E1-A6D5-F0EEC1F38FDD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{453C247F-F305-4849-B43D-5BF861E71FA6}" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\launcher.exe | "{4765F7A8-312E-4627-8B4F-ED868A27628D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{4DEEDF2A-8ADD-4AB8-A9F2-430C29D39131}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | "{4F219F3A-50CA-4BC4-9FA9-2979B21D738A}" = protocol=17 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\lotrbfme2ep1.exe | "{5A8609A8-EAC8-4DE2-9C7B-546B61C332DC}" = dir=in | app=c:\program 
files\hewlett-packard\media\tv\qpservice.exe | "{6089CC86-7280-4E3D-ACFC-0D141EE24172}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{62044337-0E36-4A43-859A-6439E69BDEBA}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | "{69AD05EF-8FC7-4FD4-88F4-6A10065015E8}" = protocol=6 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | "{71CF66DA-C9AD-4D04-BD5C-82B74C9B6599}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{73988392-7734-4DEF-AFAA-27C9A211390E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{78801CB8-268C-4BBB-875F-5D4EE14C3AF4}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | "{78B16CFC-110A-4E87-B4AA-1F76CA5BBCBD}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{7F852EB4-0041-444F-8CF9-F32F8513CF68}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{80F902C9-55F3-4941-AE92-9345E5E4C339}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{85CEA917-067B-446F-A934-AF35E5FCBDBF}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | "{8A032486-5186-4BD6-B08B-94DDFD324B43}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{8AEE9F92-9083-4B6B-85B0-EBCB8E538541}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | "{8ECFC225-9643-4F05-BE64-03ACB3EA5F71}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{9A5A6688-FA20-4BFC-9F72-0696C20AAF0C}" = protocol=17 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. 
- clear sky\bin\dedicated\xrengine.exe | "{A35CE006-BD03-4401-A280-D1E584A967D6}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | "{A3E56163-6191-4CCB-8C2F-9847C36F5192}" = protocol=6 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | "{A49A320D-23F8-463B-BE56-210183844A97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A49AE740-BA5E-4509-8D57-004B52557D60}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{A5AF4E47-65AC-4AA9-98C7-34E3CE59F71F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{A665D95E-3497-4F98-9328-E02CC996C2B6}" = protocol=17 | dir=in | app=c:\program files\deep silver\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | "{A6F11AA6-E159-4BF9-8E1F-B1E9F51E2AB4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{A7CB4C27-CC8D-4AF3-ABFF-9B3571DBAE3F}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | "{AC00DB30-F21B-4436-909E-C739467887A4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{AE72BB3A-ADFA-4408-9AF2-0CCD1414AD12}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{B8C3BB70-B056-4CD3-A921-5A78E91180AF}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{BD063326-FCEB-4BE3-80D5-77634291EE2A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{C5207E45-3C82-4708-8273-C64CDC740167}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | "{C5E67140-6B33-4262-8F6E-10161501B749}" = protocol=17 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\deathmatch classic\hl.exe | "{CAA0B5E6-3715-4F8D-ACDE-DB31D6F65DCA}" = protocol=6 | dir=in | app=c:\program 
files\electronic arts\aufstieg des hexenkönigs\game.dat | "{CE7A75D2-1464-408A-B5C8-B7A77CE9D583}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{D6F84346-B513-465D-BF02-461C4280D254}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{D928935D-480B-47DB-B8A4-8CF8D3B2171B}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{DBDD43B5-B099-404E-B084-1D006A622A49}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{DE0F0D39-3100-4393-9847-12BB7136342A}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | "{DEAAA573-8F03-46D2-ABC0-BB35132FDA51}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxczpswx.exe | "{E0D320B7-E618-4661-A208-44DF5D645FE1}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{E35FFCA6-447F-4A29-953D-D6BCF647B95E}" = protocol=17 | dir=in | app=c:\windows\system32\lxczcoms.exe | "{E73EAC38-7190-498B-AE4C-D71060F007EB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{E964CE82-A7B4-4AD2-9F07-C8EAECEAA071}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | "{E9E6FCE8-EE1E-4713-BB5F-6D158C315974}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{ED98AB37-C31F-47C7-AE54-198103A442BB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{EE0ED61F-F912-4DCB-A623-71A11FAB3CA1}" = protocol=6 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\lotrbfme2ep1.exe | "{EF89B128-D5D5-4B0F-8DBD-9488FBC3DE56}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{F39A5B53-0481-450B-B579-B9E45AE385C8}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{FAE18D54-D498-4812-8326-AA49FAAEFD48}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of 
warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "TCP Query User{0571BBEA-81EB-4D96-95CC-1F859CD5ECA2}C:\program files\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-dede-downloader.exe | "TCP Query User{0583DD99-07FD-41C6-9152-0E754FD276E9}C:\program files\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-dede-downloader.exe | "TCP Query User{0BCC0A77-54BC-4462-BD58-63E7233AC498}C:\users\björn\desktop\krimskrams\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\björn\desktop\krimskrams\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "TCP Query User{0FA230EE-B7A6-4945-BCB5-D1AAAD2F9209}C:\program files\ea games\battlefield 2\bf2voipserver.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2voipserver.exe | "TCP Query User{117E7F17-2941-4872-A8E4-36B74F0080BC}C:\program files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe | "TCP Query User{122A0319-ADFC-44B9-9743-258E9D835C51}C:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe | "TCP Query User{16B5B38B-0F42-4F49-8AC0-EA97B5F8E18A}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "TCP Query User{2565AC98-F859-4325-B224-70DDC0B1A485}C:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=6 | dir=in | 
app=c:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "TCP Query User{2632EEAC-1FF3-4846-A05E-1CD429F7F301}C:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "TCP Query User{298EC5DE-F030-409B-84FE-73769D660550}C:\users\björn\downloads\wow_cataclysm_beta_dede.exe" = protocol=6 | dir=in | app=c:\users\björn\downloads\wow_cataclysm_beta_dede.exe | "TCP Query User{2C4281A9-00B7-4384-BB13-DFFFD4FA500F}C:\program files\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-dede-downloader.exe | "TCP Query User{315089B5-FCF2-4FEE-8224-6F69EDF9E29E}C:\program files\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-dede-downloader.exe | "TCP Query User{33C27919-BFE9-4ECA-913A-4CCDCC8C2898}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{468E0EE0-E1DF-41A3-894F-C85D11EE3A7C}C:\program files\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-dede-downloader.exe | "TCP Query User{4AE639C4-10CF-4AA5-A6A7-646A88BEC2AD}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "TCP Query User{4D7C18DA-EEC4-4763-9947-E5B5575E0E6B}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe | "TCP Query 
User{4DC17050-C1A0-4B77-90F6-8F0D403EF003}C:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe | "TCP Query User{529962AA-407C-41F0-A775-656AEFF722A2}C:\program files\world of warcraft beta\wow-4.0.0.12539-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12539-dede-downloader.exe | "TCP Query User{5772811E-EC8D-4FF5-9B80-9565E850E36A}C:\program files\world of warcraft beta\wow-4.0.0.12319-to-4.0.0.12479-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12319-to-4.0.0.12479-dede-downloader.exe | "TCP Query User{5E3DC51A-01E5-4577-B16C-5F4CF80CD658}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold crusader.exe | "TCP Query User{60ED7EBA-0832-490A-86C4-AE13FEEE831A}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{6852F3A8-071B-44B1-8611-4510E9337FA2}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{6A595C5C-62CD-4E8F-8294-AA9811F4B520}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{6DB69788-EDA3-4187-BF5A-4E9B1FABD9D0}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "TCP Query User{6F24857A-6F9A-4479-968B-87A1A9D9F496}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query 
User{834EE6FE-95CD-40F4-8F4A-18B8292ECAEA}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{95D8AD27-E6A3-4877-B963-26437B435790}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{99D0AC4C-9A49-4E37-8462-896098E1B875}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{9B2E7CC3-BD28-4B2A-935B-A13E3614E506}C:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "TCP Query User{9B661795-93A5-46D3-A238-14D2B6B923EA}C:\users\björn\desktop\bf2 sp hack\dead space\deadspace.exe" = protocol=6 | dir=in | app=c:\users\björn\desktop\bf2 sp hack\dead space\deadspace.exe | "TCP Query User{9E41134B-7CEE-4994-B568-46B86484169F}C:\program files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe | "TCP Query User{A91CE3F3-5111-4F88-A911-F401793F5B91}C:\program files\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\patchget.dat | "TCP Query User{BCF7C17E-9FC9-4035-95F4-A531428474C8}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "TCP Query User{C7B88659-056B-462A-8236-50AF6F685A94}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "TCP Query User{DE15D98E-29C8-4F11-8698-F121BBA187AA}C:\users\björn\desktop\deadspace.exe" = protocol=6 | dir=in | app=c:\users\björn\desktop\deadspace.exe | "TCP Query 
User{E0809172-4517-4376-8D09-554DE1C2B8AF}C:\program files\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-dede-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-dede-downloader.exe | "TCP Query User{E3500B38-C386-450A-81D6-3990CA617E37}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | "TCP Query User{E572AEAC-8894-4F39-AD0F-111B455F94DA}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "TCP Query User{EA2AACEE-726B-41BF-8086-3129ADB58877}C:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=6 | dir=in | app=c:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | "TCP Query User{EDC1CE90-B88F-4E2F-AF89-6D233F343C3F}C:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe | "TCP Query User{F1F3E223-7E4C-4958-BE0C-8620C93531DA}C:\program files\novo's easy wow server\0.3.4\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.4\udrive\usr\local\mysql\bin\mysqld-opt.exe | "TCP Query User{F6399347-827E-4CBD-857F-A27BED37C4F7}C:\program files\ea games\battlefield 2\bf2voipserver_w32ded.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2voipserver_w32ded.exe | "TCP Query User{FFC7C78F-071B-43A9-AF6E-7873D2A53D6A}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | "UDP Query User{0B404EDF-ECDC-4341-943F-ABADFE0E773C}C:\program files\world of warcraft 
beta\wow-4.0.0.12065-to-4.0.0.12122-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-dede-downloader.exe | "UDP Query User{11010F3A-18DA-4716-A02C-97DE74D58A5D}C:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\counter-strike\hl.exe | "UDP Query User{15B92534-B8E1-4453-AC1E-C160F1AA9D79}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{16D3EB45-5F14-4C2F-8F71-04CA3CC17E5E}C:\program files\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-dede-downloader.exe | "UDP Query User{1BAAC89B-B587-4DDD-BCE4-2A6A11C1AE9A}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{21B6041B-C5F9-4423-9622-7A28D83D6813}C:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "UDP Query User{23A43207-4BFF-418C-BC84-B7EC0E45B824}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "UDP Query User{30E4BE24-1708-49ED-8A04-B060B9D4EA1E}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{363AD18D-4796-48A7-95DB-22979CC70D5B}C:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "UDP Query 
User{3CE9170F-374F-4268-84B0-8884828405C6}C:\program files\ea games\battlefield 2\bf2voipserver.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2voipserver.exe | "UDP Query User{46BBA3F9-EEF3-4CC5-98DC-8D374B561F59}C:\users\björn\downloads\wow_cataclysm_beta_dede.exe" = protocol=17 | dir=in | app=c:\users\björn\downloads\wow_cataclysm_beta_dede.exe | "UDP Query User{4D6C30E0-D272-4BBC-B205-9D3DFB02BAEB}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | "UDP Query User{4D8775B5-54AA-4768-98F4-B7D55376BC64}C:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=17 | dir=in | app=c:\users\björn\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | "UDP Query User{527E3BFA-95FB-4BF5-8E88-5210CE1D3824}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{58B9AEE8-7E5D-466A-ABD6-058E42157081}C:\program files\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-dede-downloader.exe | "UDP Query User{64EFC31D-02ED-4A2D-8367-B18A6ADDA04B}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe | "UDP Query User{651F839A-8500-4901-AC62-68BD9DE2A692}C:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\björn\desktop\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "UDP Query User{6E81F4BB-992B-4466-AAD6-A026C19BFD35}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\program 
files\firefly studios\stronghold crusader\stronghold crusader.exe | "UDP Query User{79777BE3-B06A-4BDC-9D58-F012E592D576}C:\program files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe | "UDP Query User{7BB3DE6A-9F0F-4E4D-88DE-D63679AD6E04}C:\program files\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-dede-downloader.exe | "UDP Query User{8E7B5328-01B9-4E9F-97BB-76A74361557D}C:\users\björn\desktop\krimskrams\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\björn\desktop\krimskrams\l4d2.exe\left.4.dead.2.working.demo-steamless\left4dead2.exe | "UDP Query User{90A459B6-5554-46D4-BD5E-CFD1A5FB4B1B}C:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe | "UDP Query User{91F3D2C6-0915-496D-948B-EB4A683DDD3F}C:\program files\ea games\battlefield 2\bf2voipserver_w32ded.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2voipserver_w32ded.exe | "UDP Query User{92DABB2E-C906-4618-9151-02B6B8638B69}C:\program files\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-dede-downloader.exe | "UDP Query User{9573F0D6-1435-4D5A-AF36-C4864E9151FF}C:\users\björn\desktop\deadspace.exe" = protocol=17 | dir=in | app=c:\users\björn\desktop\deadspace.exe | "UDP Query User{95742509-B071-411A-801E-5196ABBC9DEA}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "UDP Query User{A89924B4-0FEB-4C2B-8944-A03104754A7B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program 
files\icq6.5\icq.exe | "UDP Query User{A9AACBE3-33E2-4109-95A1-30602E296E1E}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "UDP Query User{AACAE313-7F27-40B6-9237-6C8662A8ACCA}C:\users\björn\desktop\bf2 sp hack\dead space\deadspace.exe" = protocol=17 | dir=in | app=c:\users\björn\desktop\bf2 sp hack\dead space\deadspace.exe | "UDP Query User{AFD9CABB-1430-4472-B20D-E328DF9AD50C}C:\program files\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-dede-downloader.exe | "UDP Query User{B4D562A7-5062-4252-B0B3-28F620140ED8}C:\program files\world of warcraft beta\wow-4.0.0.12319-to-4.0.0.12479-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12319-to-4.0.0.12479-dede-downloader.exe | "UDP Query User{C254E029-E41B-4F1D-9A4B-736AF0614CC2}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "UDP Query User{C682958F-DF0D-45D1-A20B-E218ECF25838}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "UDP Query User{C849E993-B585-41F2-9D84-1273275DF784}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "UDP Query User{CC4C8260-F360-468D-97F5-588B1C105FBA}C:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\steam\steamapps\king_boernar_one\condition zero\hl.exe | "UDP Query User{D2426D9F-F7C4-45F1-89D2-14FAFCDCE5B7}C:\program 
files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe | "UDP Query User{DA9CC698-6913-4BCC-8738-8BFC6C7BEB28}C:\program files\electronic arts\die schlacht um mittelerde ii\patchget.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\patchget.dat | "UDP Query User{E557975B-D4C8-4778-A464-10762EEACAD4}C:\program files\novo's easy wow server\0.3.4\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.4\udrive\usr\local\mysql\bin\mysqld-opt.exe | "UDP Query User{ED138A1B-C7EF-40DC-8BC4-CB8650C801B9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{EE4B972F-9E87-4446-9947-C23D4632AAC1}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{F2482AE6-6106-4C90-8239-F5CC876229EE}C:\program files\world of warcraft beta\wow-4.0.0.12539-dede-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft beta\wow-4.0.0.12539-dede-downloader.exe | "UDP Query User{F9C6A7D9-2694-478D-96D0-52039DBB1F9E}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer 
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129 "{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24E85B9C-6E60-4723-89CC-71B66881A020}" = BF2 Editor "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II "{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable "{30D3B7BC-5798-45D9-822D-05CA18F39E99}" = HPTCSSetup "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2 "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™ "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements "{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = 
Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{92510C2A-30E3-4F8D-AE8A-93AB7B63EE8F}" = Gothic II Gold 
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3 "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™ "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{C9DF0468-5F31-4799-B4FE-CBAD37FFB8DE}" = World of Warcraft MMO Gaming Mouse "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0 "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM) "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition "{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = AOL Toolbar 5.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BF2SP64" = BF2SP64 "BitComet" = BitComet 1.20 "CCleaner" = CCleaner "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Setup.divx.com" = DivX-Setup "Eazel-DE Toolbar" = Eazel-DE Toolbar "ERUNT_is1" = ERUNT 1.1j "FC48FCA50073F28F7ABD65882D3757CA8E041DD9" = Windows Driver Package - SteelSeries (HidUsb) HIDClass (11/06/2008 1.0.0.0) "FFOLKES Unlocks123 mod v1.4.1" = FFOLKES Unlocks123 mod v1.4.1 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "GameSpy Arcade" = GameSpy Arcade "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ICQToolbar" = ICQ Toolbar "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "LameACM" = Lame ACM MP3 Codec "Lexmark 1200 Series" = Lexmark 1200 Series "LHTTSENG" = L&H 
TTS3000 British English "LHTTSGED" = L&H TTS3000 Deutsch "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7) "NVIDIA Drivers" = NVIDIA Drivers "PunkBusterSvc" = PunkBuster Services "RealPlayer 12.0" = RealPlayer "S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "Steam App 40" = Deathmatch Classic "Steam App 590" = Left 4 Dead 2 Demo "SynTPDeinstKey" = Synaptics Pointing Device Driver "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine "Ultimate-Coop 1.0_is1" = Ultimate-Coop 1.0 "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 "WildTangent hp Master Uninstall" = My HP Games "Winload Toolbar" = Winload Toolbar "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "World of Warcraft Beta" = World of Warcraft Beta "Xfire" = Xfire (remove only) "Youtube Downloader HD_is1" = Youtube Downloader HD v. 
2.2 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes "CreepSmash.com" = CreepSmash.com "TeamSpeak 3 Client" = TeamSpeak 3 Client "www.mondgesaenge.de - G2ADB" = Gothic II Addon-Datenbank "www.mondgesaenge.de - MDB" = Marvin Datenbank ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04.08.2010 11:11:52 | Computer Name = Björn-PC | Source = WinMgmt | ID = 10 Description = Error - 04.08.2010 11:17:36 | Computer Name = Björn-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 04.08.2010 11:17:36 | Computer Name = Björn-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 04.08.2010 11:17:54 | Computer Name = Björn-PC | Source = WinMgmt | ID = 10 Description = Error - 04.08.2010 11:18:53 | Computer Name = Björn-PC | Source = Windows Search Service | ID = 3013 Description = Error - 04.08.2010 11:18:56 | Computer Name = Björn-PC | Source = Windows Search Service | ID = 3013 Description = Error - 04.08.2010 11:21:44 | Computer Name = Björn-PC | Source = LoadPerf | ID = 3012 Description = Error - 04.08.2010 11:21:44 | Computer Name = Björn-PC | Source = LoadPerf | ID = 3012 Description = Error - 04.08.2010 11:21:44 | Computer Name = Björn-PC | Source = LoadPerf | ID = 3011 Description = Error - 04.08.2010 11:25:10 | Computer Name = Björn-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 13.09.2009 08:24:39 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_30F4103C&REV_00\4&120488ab&0&02E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. 
Error - 13.09.2009 08:24:39 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_30F4103C&REV_00\4&120488ab&0&03E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. Error - 13.09.2009 08:24:39 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_30F4103C&REV_00\4&120488ab&0&04E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. Error - 13.09.2009 08:59:42 | Computer Name = Björn-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 13.09.2009 um 14:25:43 unerwartet heruntergefahren. Error - 13.09.2009 08:59:46 | Computer Name = Björn-PC | Source = HTTP | ID = 15016 Description = Error - 13.09.2009 09:00:29 | Computer Name = Björn-PC | Source = Service Control Manager | ID = 7000 Description = Error - 13.09.2009 09:04:28 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X SD/MMC Host Controller" (PCI\VEN_197B&DEV_2382&SUBSYS_30F4103C&REV_00\4&120488ab&0&01E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. Error - 13.09.2009 09:04:29 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_30F4103C&REV_00\4&120488ab&0&02E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. Error - 13.09.2009 09:04:29 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_30F4103C&REV_00\4&120488ab&0&03E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. Error - 13.09.2009 09:04:29 | Computer Name = Björn-PC | Source = PlugPlayManager | ID = 12 Description = Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_30F4103C&REV_00\4&120488ab&0&04E4) wurde ohne vorbereitende Maßnahmen vom System entfernt. 
< End of report > |
05.09.2010, 08:32 | #6 |
| Skype Virus
OTL Log
OTL Logfile:
Code:
OTL logfile created on: 05.08.2010 01:13:12 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Björn\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,56 Gb Total Space | 155,09 Gb Free Space | 34,12% Space Free | Partition Type: NTFS
Drive D: | 11,20 Gb Total Space | 1,84 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BJÖRN-PC
Current User Name: Björn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.08.04 16:24:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Björn\Desktop\MFTools\OTL.exe
PRC - [2010.08.03 20:46:32 | 000,063,488 | RHS- | M] () -- C:\Users\Public\nvsvc32.exe
PRC - [2010.07.14 17:25:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.06.21 10:09:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.03.30 12:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.)
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010.02.04 14:57:44 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.05.27 18:26:07 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2009.02.27 16:10:18 | 000,299,008 | ---- | M] () -- C:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe PRC - [2009.02.09 18:14:02 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2009.02.09 18:14:02 | 000,116,096 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2009.02.09 18:13:36 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008.09.25 19:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008.09.25 19:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe PRC - [2008.09.23 12:18:52 | 000,365,904 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe PRC - [2008.09.11 13:52:52 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe PRC - [2008.06.27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe PRC - [2008.06.16 08:03:20 | 000,075,008 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.01.21 04:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE PRC - [2007.04.19 16:45:10 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe PRC - [2007.04.19 16:44:12 | 000,058,288 | ---- | M] (Lexmark International, Inc.) 
-- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe PRC - [2007.04.19 16:43:42 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe PRC - [2006.11.02 14:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe ========== Modules (SafeList) ========== MOD - [2010.08.04 16:24:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Björn\Desktop\MFTools\OTL.exe MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.05.11 16:51:12 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.03.30 12:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.02.04 14:57:44 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.04.07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2009.02.09 18:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2009.02.09 18:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008.09.23 12:18:52 | 000,365,904 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008.09.11 13:52:52 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV) SRV - [2008.06.27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters) SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) 
[On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.04.19 16:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.12.12 03:55:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.11.08 20:50:42 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.11.08 20:50:42 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.08.28 02:48:58 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.10.22 06:50:46 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.10.22 06:50:46 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.10.22 06:50:46 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008.09.26 03:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.13 09:13:00 | 007,391,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.11 13:54:44 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.08.29 01:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.06 05:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.22 17:42:34 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.07.21 12:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.04.29 03:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.04.15 09:05:58 | 000,011,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mo3Fltr.sys -- (Mo3Fltr)
DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.18 13:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.14 17:28:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.14 17:27:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.14 17:29:52 | 000,000,000 | ---D | M]
[2010.02.20 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\mozilla\Extensions
[2010.08.04 21:46:06 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions
[2010.05.31 20:44:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.20 11:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\1o9f872f.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\conduit.xml
[2010.08.02 20:32:11 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-1.xml
[2010.06.21 10:11:12 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-2.xml
[2010.08.04 10:54:11 | 000,000,950 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin-3.xml
[2010.05.29 11:14:06 | 000,001,056 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Mozilla\FireFox\Profiles\1o9f872f.default\searchplugins\icqplugin.xml
[2010.08.04 16:03:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.08.04 16:03:59 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.02 12:20:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SteelSeries World of Warcraft MMO Gaming Mouse] C:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe ()
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AARC] C:\Users\Björn\Documents\System\update.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe ()
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8 - Extra context menu item: Alle &Filme mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.36.0.cab (Battlefield Heroes Updater)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Björn\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Björn\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010.08.04 16:27:50 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.08.04 16:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.08.04 16:25:41 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Malwarebytes
[2010.08.04 16:25:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.04 16:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.04 16:25:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.04 16:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.04 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\MFTools
[2010.08.04 16:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.04 16:03:24 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.08.04 15:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.08.04 15:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.08.03 20:46:47 | 000,000,000 | ---D | C] -- C:\Users\Björn\Documents\Meine empfangenen Dateien
[2010.08.01 22:19:09 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.08.01 22:19:09 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010.08.01 22:19:05 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010.08.01 22:19:05 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2010.08.01 22:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010.08.01 21:59:37 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Youtube Downloader HD
[2010.08.01 21:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Youtube Downloader HD
[2010.08.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Winload
[2010.07.31 19:12:20 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\SteelSeries
[2010.07.31 19:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\SteelSeries
[2010.07.14 17:30:28 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Local\Real
[2010.07.14 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.07.14 17:25:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.07.13 21:41:03 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.07.09 18:36:37 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\WeGame
[2010.07.06 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Publish Providers
[2010.07.06 13:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010.07.06 13:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010.07.06 13:07:36 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Sony
[2010.07.06 13:07:36 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Local\Sony
[2010.07.05 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Movie
[2010.07.05 23:03:50 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Xfire
[2010.07.05 23:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.07.05 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010.06.30 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Björn\Documents\BioWare
[2010.06.30 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mass Effect 2
[2010.06.30 12:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2010.06.23 18:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010.06.22 20:02:07 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\vlc
[2010.06.21 21:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2010.06.20 12:51:30 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Machinim
[2010.06.20 11:50:01 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Old School
[2010.06.20 11:39:55 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.15 18:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Beta
[2010.05.26 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\DivX
[2010.05.26 10:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.05.26 09:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010.05.26 09:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.05.26 09:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.05.21 20:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2010.05.21 20:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.05.21 20:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2
[2010.05.19 09:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010.05.11 13:12:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009.06.07 12:06:38 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2009.06.07 12:06:38 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2009.06.07 12:06:38 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2009.06.07 12:06:38 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2009.06.07 12:06:38 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2009.06.07 12:06:38 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2009.06.07 12:06:38 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2009.06.07 12:06:37 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2009.06.07 12:06:37 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2009.06.07 12:06:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2009.06.07 12:06:36 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2009.06.07 12:06:36 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2002.01.14 19:30:34 | 021,823,560 | ---- | C] (Microsoft) -- C:\Program Files\dotnetfx.exe

========== Files - Modified Within 90 Days ==========

[2010.08.05 01:14:48 | 000,967,410 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.05 01:14:48 | 000,699,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.05 01:14:48 | 000,235,002 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.05 01:14:48 | 000,203,114 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.05 01:14:48 | 000,005,548 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.05 01:13:06 | 005,767,168 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT
[2010.08.05 01:09:43 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.08.05 01:08:33 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.05 01:08:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.05 01:08:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.05 01:08:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.05 01:08:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.05 01:08:04 | 3186,577,408 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.05 01:08:03 | 161,709,401 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.04 22:53:56 | 000,524,288 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.04 22:53:56 | 000,065,536 | -HS- | M] () -- C:\Users\Björn\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.04 22:53:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.08.04 22:53:40 | 002,556,435 | -H-- | M] () -- C:\Users\Björn\AppData\Local\IconCache.db
[2010.08.04 22:08:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.04 16:47:49 | 000,000,176 | ---- | M] () -- C:\Users\Björn\defogger_reenable
[2010.08.04 16:27:27 | 000,000,873 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.08.04 16:27:23 | 000,000,674 | ---- | M] () -- C:\Users\Björn\Desktop\ERUNT.lnk
[2010.08.04 16:25:33 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.04 16:24:49 | 000,050,477 | ---- | M] () -- C:\Users\Björn\Desktop\defogger.exe
[2010.08.04 16:24:48 | 000,284,915 | ---- | M] () -- C:\Users\Björn\Desktop\Gmer.zip
[2010.08.04 16:03:29 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.08.04 15:49:08 | 000,001,015 | ---- | M] () -- C:\Users\Björn\Desktop\Spybot - Search & Destroy.lnk
[2010.08.04 13:58:01 | 000,000,797 | ---- | M] () -- C:\Users\Björn\Documents\Meine freigegebenen Ordner.lnk
[2010.08.04 10:36:29 | 000,316,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.01 21:59:33 | 000,000,872 | ---- | M] () -- C:\Users\Björn\Desktop\Youtube Downloader HD.lnk
[2010.08.01 21:20:27 | 000,076,224 | ---- | M] () -- C:\Users\Björn\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.29 20:56:24 | 000,000,190 | ---- | M] () -- C:\Windows\lexstat.ini
[2010.07.29 12:26:57 | 000,001,666 | ---- | M] () -- C:\Users\Björn\AppData\Roaming\wklnhst.dat
[2010.07.28 15:25:14 | 000,001,032 | ---- | M] () -- C:\Users\Björn\Desktop\DVDVideoSoft Free Studio.lnk
[2010.07.15 20:21:05 | 000,001,740 | ---- | M] () -- C:\Users\Public\Desktop\Ultimate-Coop.lnk
[2010.07.15 19:21:35 | 000,138,168 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.15 19:20:18 | 000,189,472 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.07.14 17:28:04 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010.07.14 17:25:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.07.13 21:48:59 | 000,041,472 | ---- | M] () -- C:\Users\Björn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.13 21:41:05 | 000,000,514 | ---- | M] () -- C:\Users\Björn\Desktop\Fraps.lnk
[2010.07.12 15:11:39 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.11 23:18:25 | 000,001,432 | ---- | M] () -- C:\Users\Björn\Desktop\DivX Movies.lnk
[2010.07.11 23:17:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.09 21:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010.07.06 16:13:07 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.05 23:03:45 | 000,000,760 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.07.04 02:44:59 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Fetch.job
[2010.07.03 13:44:46 | 000,000,825 | ---- | M] () -- C:\Users\Björn\Desktop\World of Warcraft.lnk
[2010.07.02 12:45:02 | 000,000,206 | ---- | M] () -- C:\Users\Björn\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.06.22 20:00:58 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.22 19:57:34 | 019,473,201 | ---- | M] () -- C:\Users\Björn\Documents\vlc-1.1.1-win32.exe
[2010.06.15 20:03:15 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft Beta.lnk
[2010.06.10 13:46:22 | 000,012,288 | ---- | M] () -- C:\Users\Björn\Desktop\Gericht.wps
[2010.05.26 10:05:33 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.05.21 15:26:37 | 000,029,398 | ---- | M] () -- C:\Users\Björn\Documents\ts3_clientui-win32-11239-2010-05-21 15_26_33.711000.dmp
[2010.05.15 00:25:22 | 043,219,440 | ---- | M] () -- C:\Users\Björn\Desktop\Stevinho_2010_05_14_23_25_15.mp3
[2010.05.14 23:13:33 | 138,569,583 | ---- | M] () -- C:\Users\Björn\Desktop\Stevinho_2010_05_14_20_00_35.mp3

========== Files Created - No Company Name ==========

[2010.08.05 01:08:04 | 3186,577,408 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.04 16:58:56 | 000,293,376 | ---- | C] () -- C:\Users\Björn\Desktop\gmer.exe
[2010.08.04 16:47:34 | 000,000,176 | ---- | C] () -- C:\Users\Björn\defogger_reenable
[2010.08.04 16:27:27 | 000,000,873 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.08.04 16:27:23 | 000,000,674 | ---- | 
C] () -- C:\Users\Björn\Desktop\ERUNT.lnk [2010.08.04 16:25:33 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 16:24:49 | 000,050,477 | ---- | C] () -- C:\Users\Björn\Desktop\defogger.exe [2010.08.04 16:24:48 | 000,284,915 | ---- | C] () -- C:\Users\Björn\Desktop\Gmer.zip [2010.08.04 16:03:29 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.04 15:49:08 | 000,001,015 | ---- | C] () -- C:\Users\Björn\Desktop\Spybot - Search & Destroy.lnk [2010.08.04 13:58:01 | 000,000,797 | ---- | C] () -- C:\Users\Björn\Documents\Meine freigegebenen Ordner.lnk [2010.08.01 22:19:05 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.08.01 21:59:33 | 000,000,872 | ---- | C] () -- C:\Users\Björn\Desktop\Youtube Downloader HD.lnk [2010.07.31 19:10:29 | 000,011,136 | ---- | C] () -- C:\Windows\System32\drivers\Mo3Fltr.sys [2010.07.15 20:21:05 | 000,001,740 | ---- | C] () -- C:\Users\Public\Desktop\Ultimate-Coop.lnk [2010.07.14 17:28:04 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk [2010.07.13 21:41:05 | 000,000,514 | ---- | C] () -- C:\Users\Björn\Desktop\Fraps.lnk [2010.07.11 23:17:36 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.07.05 23:03:45 | 000,000,760 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.07.02 12:45:02 | 000,000,206 | ---- | C] () -- C:\Users\Björn\Desktop\CD-Laufwerk - Verknüpfung.lnk [2010.06.22 20:00:58 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.06.22 19:57:02 | 019,473,201 | ---- | C] () -- C:\Users\Björn\Documents\vlc-1.1.1-win32.exe [2010.06.20 11:39:40 | 000,001,032 | ---- | C] () -- C:\Users\Björn\Desktop\DVDVideoSoft Free Studio.lnk [2010.06.15 20:03:54 | 000,003,842 | ---- | C] () -- C:\ProgramData\driverinfo.txt [2010.06.15 18:45:17 | 000,001,008 | ---- | C] () -- 
C:\Users\Public\Desktop\World of Warcraft Beta.lnk [2010.06.09 14:02:07 | 000,012,288 | ---- | C] () -- C:\Users\Björn\Desktop\Gericht.wps [2010.05.26 10:06:17 | 000,001,432 | ---- | C] () -- C:\Users\Björn\Desktop\DivX Movies.lnk [2010.05.26 10:05:33 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2010.05.21 15:26:33 | 000,029,398 | ---- | C] () -- C:\Users\Björn\Documents\ts3_clientui-win32-11239-2010-05-21 15_26_33.711000.dmp [2010.05.11 13:12:30 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.01.14 21:52:45 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll [2010.01.14 21:52:44 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll [2010.01.14 20:30:08 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe [2010.01.13 19:27:18 | 000,000,039 | ---- | C] () -- C:\Windows\dellstat.ini [2010.01.13 16:22:31 | 000,000,190 | ---- | C] () -- C:\Windows\lexstat.ini [2009.11.30 01:46:32 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll [2009.11.28 22:41:18 | 000,138,168 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.11.28 22:41:18 | 000,138,056 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\PnkBstrK.sys [2009.11.08 19:22:21 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.11.08 19:22:21 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.11.04 14:01:45 | 000,001,666 | ---- | C] () -- C:\Users\Björn\AppData\Roaming\wklnhst.dat [2009.11.03 21:46:03 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.09.30 12:45:19 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2009.09.30 12:45:19 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009.05.30 23:39:35 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll 
[2009.05.30 23:39:35 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009.05.30 23:39:35 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2009.05.30 22:49:48 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.05.26 20:44:44 | 000,041,472 | ---- | C] () -- C:\Users\Björn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.05.25 21:38:25 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.05.25 21:38:20 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\QSwitch.txt [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\DSwitch.txt [2009.05.25 21:04:54 | 000,000,000 | ---- | C] () -- C:\Users\Björn\AppData\Local\AtStart.txt [2009.03.13 10:47:56 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009.03.13 10:47:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009.03.13 10:47:26 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009.03.13 10:46:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009.03.13 10:45:08 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2008.10.21 22:42:19 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2008.10.21 22:38:30 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2008.10.21 22:37:14 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2008.10.21 22:36:19 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- 
C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.02.07 18:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini [2007.01.22 10:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.06.07 14:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll [2006.03.27 13:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll [2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006.03.07 12:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll [2006.01.30 21:42:22 | 000,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini [2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll [2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll ========== LOP Check ========== [2010.01.12 03:42:35 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\.minecraft [2009.05.26 17:00:27 
| 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Acreon [2010.07.29 10:58:56 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\BitComet [2009.09.05 01:02:04 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2009.12.13 05:38:34 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\DAEMON Tools Lite [2010.06.20 11:39:55 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\DVDVideoSoftIEHelpers [2009.08.04 04:17:31 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\FloodLightGames [2010.07.30 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\ICQ [2009.08.04 01:20:33 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2009.06.05 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2009.08.10 01:22:36 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\muvee Technologies [2009.09.30 12:48:39 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\PC Suite [2009.05.28 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\PlayFirst [2010.07.06 14:06:03 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Publish Providers [2009.09.30 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Samsung [2010.07.06 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Sony [2009.08.04 03:02:53 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\SPORE Creature Creator [2010.07.31 19:12:20 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\SteelSeries [2009.11.04 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Template [2010.07.17 00:19:32 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\TS3Client [2009.07.20 18:08:51 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Ubisoft [2010.07.09 18:36:37 | 000,000,000 | ---D | M] -- 
C:\Users\Björn\AppData\Roaming\WeGame [2009.05.25 23:57:38 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\WildTangent [2009.11.09 00:17:44 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\XRay Engine [2010.08.01 22:05:37 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Youtube Downloader HD [2010.07.04 02:44:59 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job [2010.08.04 22:53:50 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 492 bytes -> C:\ProgramData\Temp:05EE1EEF < End of report > |
05.09.2010, 14:24 | #7 |
| Skype Virus I have now run Spybot and Malwarebytes again; it found a Trojan named Virtumonde.sdn. I deleted it, ran CCleaner, and after that ran Malwarebytes once more. Here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

05.08.2010 15:20:28
mbam-log-2010-08-05 (15-20-28).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 120165
Laufzeit: 5 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
05.09.2010, 16:55 | #8 | |
| Skype Virus Because I'm a scatterbrain, I forgot to update Malwarebytes. The updated log: Quote:
|