
Log analysis and evaluation: Virus that sends itself via Skype

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

07.09.2010, 14:39   #1
Lomoko
 
Virus that sends itself via Skype



Hello
Two days ago my friend sent me a link via Skype. The message looked roughly like this: "Foto :P w*w.facebook...". Unfortunately it was a download link for a virus that sends itself on via Skype on its own.
I ran a scan with Malwarebytes, but I don't know yet whether the virus is gone now.
Please help quickly

Here is a logfile from HijackThis:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:33:05, on 07.09.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Window Hide Tool\Window Hide Tool.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\ProgramData\Skype\Plugins\Plugins\9F9CE45F74274F5689DEAD48836386CA\MusicMaestro.exe
C:\Program Files\Opera\Opera.exe
C:\Users\*****\Desktop\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Videoraptor_WebRipPlugin Class - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files\RapidSolution\Videoraptor\plugins\IE\VR_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Window Hide Tool] C:\Program Files\Window Hide Tool\Window Hide Tool.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: BTTray.lnk = ?
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1cb059687ea4443) (gupdate1cb059687ea4443) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
 
--
End of file - 9043 bytes
         

07.09.2010, 15:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus that sends itself via Skype



Hello and

A cleanup can sometimes mean a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If there are problems, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Read the instructions through completely first. If anything is unclear, ask before you start.
  • Post the logfiles directly in your thread. Do not attach them unless I ask you to. That makes the evaluation harder for me.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Vista and Win7 users
Start all tools with right-click "Run as administrator".



Please routinely run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Then OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles here in the thread.

09.09.2010, 18:03   #3
Lomoko
 
Virus that sends itself via Skype



Thanks for the quick reply
OK, I ran the scan with Malwarebytes ...
Here are the 2 logfiles from OTL:
OTL.txt:
Code:
OTL logfile created on: 09.09.2010 18:54:05 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Jamil\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 30,84 Gb Free Space | 21,40% Space Free | Partition Type: NTFS
Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: *****
Current User Name: *****
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jamil\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Window Hide Tool\Window Hide Tool.exe (FOMINE SOFTWARE)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jamil\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\rswin_3745.dll ()
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\Windows\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (NPPTNT2) -- C:\Windows\System32\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: staff@hide-my-ip.com:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: fireform@mozilla.org:0.7.4
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: googletube@googletube.com:2.0.2
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\videoraptor-firefox-surf-and-catch-extension@audials.com: C:\Program Files\RapidSolution\Videoraptor\plugins\GeckoBased\videoraptor-firefox-surf-and-catch-extension@audials.com\ [2009.09.10 19:43:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.23 17:57:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.23 17:57:32 | 000,000,000 | ---D | M]
 
[2008.11.02 12:40:50 | 000,000,000 | ---D | M] -- C:\Users\Jamil\AppData\Roaming\mozilla\Extensions
[2010.09.09 17:07:20 | 000,000,000 | ---D | M] -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions
[2009.09.03 16:39:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.12.01 17:23:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2010.05.24 16:51:43 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010.08.25 14:18:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{bfe3406c-6f31-4789-86d5-efa50e12c9eb}
[2010.02.12 15:57:27 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.05.24 15:01:34 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010.08.23 18:02:19 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.11.30 18:53:02 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.08.25 14:14:15 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.08.23 18:04:38 | 000,000,000 | ---D | M] -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\fireform@mozilla.org
[2010.08.26 14:19:47 | 000,000,000 | ---D | M] -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\googletube@googletube.com
[2010.08.26 14:19:47 | 000,000,000 | ---D | M] -- C:\Users\Jamil\AppData\Roaming\mozilla\Firefox\Profiles\eydwj6kh.default\extensions\staged-xpis
[2010.09.06 18:26:00 | 000,000,950 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin-1.xml
[2010.01.25 18:39:08 | 000,000,950 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin-2.xml
[2010.02.12 15:57:29 | 000,000,950 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin-3.xml
[2010.02.16 17:11:32 | 000,000,950 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin-4.xml
[2010.08.23 17:57:44 | 000,000,950 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin-5.xml
[2008.03.31 09:52:00 | 000,000,168 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin.gif
[2008.03.31 09:52:00 | 000,000,618 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin.src
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\icqplugin.xml
[2009.11.30 18:52:52 | 000,003,915 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\sweetim.xml
[2009.01.01 04:09:48 | 000,002,108 | ---- | M] () -- C:\Users\Jamil\AppData\Roaming\Mozilla\FireFox\Profiles\eydwj6kh.default\searchplugins\youtube-videosuche.xml
[2030.08.12 18:25:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.07.15 19:25:08 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.11.01 17:28:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2010.06.29 14:51:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009.02.02 20:59:34 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\staff@hide-my-ip.com
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.07.03 01:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Programme\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010.08.23 17:57:28 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.08.23 17:57:28 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.23 17:57:28 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.23 17:57:28 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.08.23 17:57:28 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.08.27 16:37:12 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Videoraptor_WebRipPlugin Class) - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Programme\RapidSolution\Videoraptor\plugins\IE\VR_WebRipIePlugin.dll (RapidSolution Software)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007..\Run: [PlayNC Launcher]  File not found
O4 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007..\Run: [Window Hide Tool] C:\Programme\Window Hide Tool\Window Hide Tool.exe (FOMINE SOFTWARE)
O4 - HKU\S-1-5-21-2819421788-1116645337-2531941000-1007..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0c26c755-4700-11df-928e-0013779f08e7}\Shell\AutoRun\command - "" = fk.exe
O33 - MountPoints2\{0c26c755-4700-11df-928e-0013779f08e7}\Shell\open\Command - "" = fk.exe
O33 - MountPoints2\{6ae7d77e-2149-11df-9585-0013779f08e7}\Shell\AutoRun\command - "" = F:\fk.exe -- File not found
O33 - MountPoints2\{6ae7d77e-2149-11df-9585-0013779f08e7}\Shell\open\Command - "" = F:\fk.exe -- File not found
O33 - MountPoints2\{8912fab6-207c-11df-aded-0013779f08e7}\Shell\AutoRun\command - "" = q3kku.exe
O33 - MountPoints2\{8912fab6-207c-11df-aded-0013779f08e7}\Shell\open\Command - "" = q3kku.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2030.08.12 18:23:40 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2030.08.12 18:23:40 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2030.08.12 18:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.09.08 14:36:20 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Jamil\Desktop\OTL.exe
[2010.09.07 15:31:49 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jamil\Desktop\HiJackThis204.exe
[2010.09.06 18:25:18 | 000,000,000 | ---D | C] -- C:\Users\Jamil\AppData\Roaming\Malwarebytes
[2010.09.06 18:25:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.06 18:25:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.06 18:25:10 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.06 18:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.29 13:00:32 | 000,000,000 | ---D | C] -- C:\Users\Jamil\AppData\Local\Google
[2010.08.24 20:18:22 | 000,000,000 | ---D | C] -- C:\Users\Jamil\Documents\RSBot
[2010.08.23 20:52:38 | 000,000,000 | ---D | C] -- C:\Users\Jamil\AppData\Roaming\Sinvise Systems
[2010.08.23 20:52:38 | 000,000,000 | ---D | C] -- C:\Programme\Sinvise Systems
[2010.08.23 12:18:34 | 000,000,000 | ---D | C] -- C:\Users\Jamil\Desktop\PowerMiner
[2010.08.20 21:21:02 | 000,000,000 | ---D | C] -- C:\Programme\Motherload Goldium
[2010.08.20 13:44:48 | 000,000,000 | ---D | C] -- C:\Users\Jamil\Desktop\motherload_goldium1
[2010.08.11 13:47:54 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.11 13:47:54 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.11 13:47:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.11 13:47:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.11 13:47:53 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.11 13:47:53 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.11 13:47:53 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.11 13:47:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.11 13:47:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.11 13:47:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.11 13:47:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.11 13:47:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.11 13:47:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.11 13:47:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.11 13:47:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.11 13:47:49 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.11 13:47:37 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.11 13:47:30 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.11 13:47:27 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.11 13:47:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.11 12:39:33 | 000,000,000 | ---D | C] -- C:\Users\Jamil\Documents\Pamela Call Recordings
[2006.11.24 07:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006.11.24 07:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.09 18:55:25 | 002,621,440 | -HS- | M] () -- C:\Users\Jamil\NTUSER.DAT
[2010.09.09 18:55:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C62253A0-2E4A-4BD1-86FD-EB01207F396D}.job
[2010.09.09 18:53:59 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FF261FA7-7105-4F11-8296-6D2938362A78}.job
[2010.09.09 18:53:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8337BFB5-6B16-4EE4-9C26-DD8713BA2643}.job
[2010.09.09 18:52:06 | 000,074,741 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.09.09 18:52:06 | 000,074,741 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.09.09 18:51:55 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.09 18:51:37 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.09 18:51:37 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.09 18:51:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.09 18:51:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.09 18:51:27 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.09 18:50:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.09 18:50:34 | 000,524,288 | -HS- | M] () -- C:\Users\Jamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.09 18:50:34 | 000,065,536 | -HS- | M] () -- C:\Users\Jamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.09 18:50:32 | 006,291,456 | -H-- | M] () -- C:\Users\Jamil\AppData\Local\IconCache.db
[2010.09.09 18:03:02 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.09 16:57:42 | 001,593,106 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.09 16:57:42 | 000,685,990 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.09 16:57:42 | 000,642,982 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.09 16:57:42 | 000,150,258 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.09 16:57:42 | 000,121,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.08 14:36:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jamil\Desktop\OTL.exe
[2010.09.07 15:31:49 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jamil\Desktop\HiJackThis204.exe
[2010.09.06 18:25:13 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 15:03:40 | 000,000,099 | ---- | M] () -- C:\Users\Jamil\jagex_runescape_preferences2.dat
[2010.09.03 14:51:03 | 000,000,046 | ---- | M] () -- C:\Users\Jamil\jagex_runescape_preferences.dat
[2010.08.30 20:02:58 | 000,000,884 | ---- | M] () -- C:\Users\Jamil\Desktop\towerdefence.jnlp
[2010.08.27 21:45:23 | 002,317,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.27 17:17:49 | 000,108,824 | ---- | M] () -- C:\Users\Jamil\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.27 16:37:12 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010.08.23 15:50:57 | 001,370,803 | ---- | M] () -- C:\Users\Jamil\Desktop\RSBot.jar
[2010.08.23 12:23:35 | 000,000,000 | ---- | M] () -- C:\Users\Jamil\jagex__preferences3.dat
[2010.08.23 10:23:21 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.08.13 11:35:07 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{879AA953-E363-40CC-9061-B66A641D78EE}.job
 
========== Files Created - No Company Name ==========
 
[2010.09.06 18:25:13 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 20:02:58 | 000,000,884 | ---- | C] () -- C:\Users\Jamil\Desktop\towerdefence.jnlp
[2010.08.23 15:50:56 | 001,370,803 | ---- | C] () -- C:\Users\Jamil\Desktop\RSBot.jar
[2010.08.23 12:23:35 | 000,000,000 | ---- | C] () -- C:\Users\Jamil\jagex__preferences3.dat
[2010.06.28 17:45:54 | 000,074,741 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.06.28 17:45:35 | 000,074,741 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.06.24 18:03:46 | 000,028,915 | ---- | C] () -- C:\Users\Jamil\AppData\Roaming\UserTile.png
[2010.05.11 14:58:10 | 000,003,120 | ---- | C] () -- C:\Windows\System32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
[2010.04.17 17:39:15 | 000,002,251 | ---- | C] () -- C:\Windows\System32\config.ini
[2010.02.23 17:11:44 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.31 18:35:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\emfxp.dll
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.09.24 14:42:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.15 14:56:21 | 000,001,356 | ---- | C] () -- C:\Users\Jamil\AppData\Local\d3d9caps.dat
[2009.07.11 11:27:09 | 000,000,347 | ---- | C] () -- C:\Users\Jamil\AppData\Roaming\RSBot Accounts.ini
[2009.06.16 17:44:51 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.03.02 11:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.03.02 11:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009.02.02 20:59:33 | 000,151,552 | ---- | C] () -- C:\Windows\System32\securenet.dll
[2008.11.28 16:28:30 | 000,015,360 | ---- | C] () -- C:\Users\Jamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.22 06:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.07.08 16:50:18 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.07.08 16:31:32 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.07.08 16:31:32 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.07.08 14:45:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.02.15 09:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006.11.29 10:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.09 03:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Jamil\Desktop\2012.avi:TOC.WMV
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F6C0CA66
< End of report >
         
--- --- ---

Extras.txt:
OTL Logfile:
Code:
OTL Extras logfile created on: 09.09.2010 18:54:05 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Jamil\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 30,84 Gb Free Space | 21,40% Space Free | Partition Type: NTFS
Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: *****
Current User Name: *****
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A3B7C8-98E2-47A7-913F-4355AE9F8911}" = lport=6114 | protocol=17 | dir=in | name=port für wc3 11 | 
"{03A0C126-8B75-4E0C-83D6-ED495F260918}" = lport=6113 | protocol=17 | dir=in | name=port für wc3 10 | 
"{0E9505AE-23C1-4B1F-9B6D-E7B558E6CA88}" = lport=6113 | protocol=6 | dir=in | name=port für wc3 2 | 
"{1320926C-C7EF-4D91-B90E-88E157079F52}" = lport=80 | protocol=6 | dir=in | name=multiclicker | 
"{17C9712C-B0FF-4DE2-8825-DACFF07A2A6D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{18B97F52-1335-40E2-AE33-11487F4F8E4F}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface | 
"{1A7F6D48-0584-46BF-A8BE-72A85E2FFAD9}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | 
"{1ACC8B81-4A32-4952-B23E-3B83139AA64F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1BF75FE5-12DF-438D-BBF6-54778A514815}" = lport=6954 | protocol=6 | dir=in | name=league of legends launcher | 
"{20000877-69F7-4346-B4CE-B9E1BB47C55E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{209E8F42-041B-4D3D-8C5A-CEDD33B4595F}" = lport=6118 | protocol=6 | dir=in | name=port für wc3 7 | 
"{2421AD02-7B76-4997-AC99-2159E4367F33}" = lport=6899 | protocol=6 | dir=in | name=league of legends launcher | 
"{2677158A-5F0E-4049-969B-0CF2018C79DB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{287A1E19-03F0-43DF-A6CF-DAA30EBA18FF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{3E872842-114A-4FFA-BA51-49FB903CFE66}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher | 
"{3FD0B431-FA3C-48C4-97FD-5484C4111559}" = rport=137 | protocol=17 | dir=out | app=system | 
"{41438F11-4EDA-430B-908C-487E3173BC3D}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher | 
"{4296BA34-7B52-468C-87A9-CB09D3DDFF8E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{46274583-14EE-473D-B418-58985EA04505}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{4F52BCE1-57C3-404F-9BC0-56B524A47170}" = lport=6946 | protocol=6 | dir=in | name=league of legends launcher | 
"{549A43E8-65D1-4FC8-85A8-26D048D78B73}" = lport=6114 | protocol=6 | dir=in | name=port für wc3 3 | 
"{5511A0C5-3BAE-4D80-A742-4066FA58E15C}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | 
"{5A5CACB9-A9DC-4CA0-8C73-6ADEB81F3B58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5B5FCCE0-E91A-497D-9C94-F52C751A7E6F}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{5F6A27E9-1591-4CB5-AB4D-7BCECA8D6C0F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{661E2D12-2A7F-4889-B741-ED6389613B8D}" = lport=6117 | protocol=17 | dir=in | name=port für wc3 14 | 
"{6F8A2714-4A9B-4729-B50B-A2934E1C898C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{70C558A4-6BC2-4AEE-ABD2-6A0B81122BC9}" = lport=6117 | protocol=6 | dir=in | name=port für wc3 6 | 
"{804049D4-DED0-4E95-8661-51F0CE41A775}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{881AAAA4-EBB1-4183-B295-9D2E457F2B0E}" = lport=6899 | protocol=17 | dir=in | name=league of legends launcher | 
"{8ABCC9E7-012C-4381-8D14-3116CB64C1A6}" = lport=6928 | protocol=6 | dir=in | name=league of legends launcher | 
"{98F463DC-7C8B-4357-A8FF-9444366A4912}" = lport=6928 | protocol=17 | dir=in | name=league of legends launcher | 
"{99011A95-FB0A-462B-A741-034B9683A4AF}" = lport=6946 | protocol=17 | dir=in | name=league of legends launcher | 
"{A4797194-62FA-460F-90FB-27EDD0F84325}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{B2D96143-E997-416D-AE4C-06693535069C}" = lport=6119 | protocol=6 | dir=in | name=port für wc3 8 | 
"{B626E769-C837-4CA9-9239-A5363142D2C2}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher | 
"{B90197B0-98B8-4132-BB41-BF493DD0CD59}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BA0360A0-B45E-409D-8A58-22A0DA3FE876}" = lport=6112 | protocol=6 | dir=in | name=port für wc3 | 
"{BC28846F-2E76-4E38-B531-2A48DAAF9D12}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{C0DF6874-69A7-49E3-93F3-584497F24458}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher | 
"{C47442F4-0A62-4ACE-A02B-065C838E242E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C644570E-17B8-4601-A65F-E80EE9425ABE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C83D8097-685D-4BDC-9107-3E74EC938033}" = lport=6116 | protocol=6 | dir=in | name=port für wc3 5 | 
"{CB055B5F-DB50-4749-997F-627EA208CB56}" = lport=6118 | protocol=17 | dir=in | name=port für wc3 15 | 
"{CB92A1AD-FC46-4107-9BE5-3967D14B1142}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CC947BA1-83DA-4672-8564-4F28F009A101}" = lport=6112 | protocol=17 | dir=in | name=port für wc3 9 | 
"{CF46FF53-2E8A-4155-859D-C95E457840B8}" = lport=6954 | protocol=17 | dir=in | name=league of legends launcher | 
"{D28882E0-7F1C-4E0E-8062-10E073D4C4DB}" = lport=6119 | protocol=17 | dir=in | name=port für wc3 16 | 
"{E0F18376-F1E7-4603-81C9-6688EDF26ACA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{E33E0E9A-EE74-40AF-B60F-147B1B36D79C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E912E8C0-725B-4AAE-89C4-D664C62E8944}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{EA270AE5-F905-4F22-97FC-21D0DAF7EDDE}" = lport=6115 | protocol=6 | dir=in | name=port für wc3 4 | 
"{EE241F81-CFC9-456B-93FF-82FE714566A2}" = lport=6116 | protocol=17 | dir=in | name=port für wc3 13 | 
"{EF52E82A-5FCF-47FD-A087-B5C2707494CB}" = lport=6115 | protocol=17 | dir=in | name=port für wc3 12 | 
"{F6F8B718-BD7D-406E-9FB4-1A092BAB40DA}" = lport=80 | protocol=17 | dir=in | name=multiclicker udp | 
"{FC0AEC55-BED7-4381-B956-96A224A80686}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CFB254-E900-4211-B980-59823D8F81CE}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{101655F5-0BC3-418A-94D2-C5FD25816A77}" = protocol=6 | dir=in | app=c:\users\jamil\appdata\local\temp\ijjioptimizer.exe | 
"{10D6A773-6AAC-466A-90F3-0C99806F34DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{1477F413-A50E-49AF-BD42-76F088881C51}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{1EDA0504-9963-46B3-9576-508641C62655}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{291D306C-48AA-4223-B4A4-5D53D8E45FDD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{341751B9-1C02-4222-9102-9B45B71F1CCA}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{35A3779F-1D36-4A27-B8DA-0771AF95C0DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4949C24B-DAE2-4D2D-994A-05A47CA85942}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{56365955-CFB4-4364-A810-D9C431226295}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{602AE41F-9658-48C1-902A-66EC8611CABB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{66FB2A51-6564-406A-91FA-923650445B91}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{6779FCAE-5815-46CF-89C3-D6A107FAA6AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6842BFE3-A552-421A-9816-D3ADA8CE489B}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{6C708175-E552-40D1-A8A6-13CFD9899760}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{84191DD0-70A3-456E-8BEF-3FD902C6F12F}" = protocol=6 | dir=in | app=f:\bux.to\multiclicker2_2.2.1\multiclicker2-win.exe | 
"{8861174F-D897-4C12-A1AA-1927AF30704B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{9F6F551D-9172-4A34-B1BA-6AADBD7A739B}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{A86BEEFA-7850-4910-BFEC-24045401AE13}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe | 
"{A9F715BD-30ED-4E17-B458-FFC396D14538}" = protocol=17 | dir=in | app=c:\users\jamil\appdata\local\temp\ijjioptimizer.exe | 
"{B32F37D4-96B3-440A-B6B5-D83931DC672D}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{BFBB8943-7FE0-402A-B9E8-232A83313254}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{C427023B-6E66-4F90-ABC7-3CC50E7096EE}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe | 
"{D1C8073F-BA3B-40C8-BEB6-31EBD5E03AAB}" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe | 
"{DBE44E05-DB51-41B3-BB47-2B17D5155C9B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{DF214890-B7E0-47D7-86DF-9B44016F94B2}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{E008381C-1F5E-4656-956C-8CA18BF8700B}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{E75CBF35-506F-418D-825D-14AC26E40972}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{EBD2B5A2-1932-4D86-B245-ED247ACC00DD}" = protocol=17 | dir=in | app=f:\bux.to\multiclicker2_2.2.1\multiclicker2-win.exe | 
"{EBEC1D42-E7EC-4096-9DDF-3C84323392DA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F10BF96B-B5A8-46BA-96BA-0060ABC4E762}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F7AEFE4E-DC07-43E8-88DD-D2C382CF1C57}" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe | 
"{FC879E76-5E8E-4BA3-9774-4B86EE8DBEF5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{FFE802C9-B147-4651-9BE1-5B48A6CDC045}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"TCP Query User{006A811B-7F2F-4D2E-8DAA-4602496507EE}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{01CE9D1B-3FC8-4B15-A241-3C0CCC2FF19D}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{3A810276-DF71-4489-AC2D-28F6A0705AFA}C:\users\jamil\desktop\programme\poison ivy\poison ivy 2.3.2.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\programme\poison ivy\poison ivy 2.3.2.exe | 
"TCP Query User{3E684051-2ABB-45CF-8C2F-8840B11D799A}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mysql\bin\mysqld.exe | 
"TCP Query User{458FA33E-DC02-4442-B9DE-BF750D2630EA}C:\program files\die gilde 2 - gold edition\guildii.exe" = protocol=6 | dir=in | app=c:\program files\die gilde 2 - gold edition\guildii.exe | 
"TCP Query User{686ECA9F-3AD5-4368-867A-ABCE773FB304}C:\program files\ijji\ijji reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\ijji\ijji reactor\reactor.exe | 
"TCP Query User{6D841A8C-DD92-4308-867B-3154138907DA}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\filezillaftp\filezilla server.exe | 
"TCP Query User{951B93C9-0C24-4763-8FBF-1DB4712C2223}C:\users\jamil\desktop\bowman installation\bowman\hl.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\bowman installation\bowman\hl.exe | 
"TCP Query User{96C6750C-8C80-431E-B271-6D8E1B6778B8}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{99DC41B0-A16C-4DE3-AE2F-85CD8911B332}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{9CDED84D-15BE-4395-AB45-6F6ABBB8BE23}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe | 
"TCP Query User{B595DE4C-760A-49A0-BEE9-581A95E3576C}C:\users\jamil\desktop\photoshop cs5\bowman\hl.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\photoshop cs5\bowman\hl.exe | 
"TCP Query User{B6F0E2BF-9F93-4235-800C-E1459C0852C1}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mercurymail\mercury.exe | 
"TCP Query User{C636FA35-0771-4A79-AA60-158A04B28296}C:\users\jamil\saved games\worms_4_-_mayhem\worms 4 - mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=c:\users\jamil\saved games\worms_4_-_mayhem\worms 4 - mayhem\worms 4 mayhem.exe | 
"TCP Query User{F93B0C37-57C8-4ABA-8120-37758CFD178F}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\apache\bin\httpd.exe | 
"TCP Query User{FA928BFA-70B7-4D53-82DF-666A5232272D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{05F06591-4EFF-4694-8AD4-A13CA11C2B41}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mercurymail\mercury.exe | 
"UDP Query User{163C52A8-55A2-43F7-8A49-8B749DCD5CD1}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\filezillaftp\filezilla server.exe | 
"UDP Query User{200FA16E-C5C4-442D-9FAA-DAEB947A824E}C:\users\jamil\desktop\photoshop cs5\bowman\hl.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\photoshop cs5\bowman\hl.exe | 
"UDP Query User{247B70A3-D274-43E5-9346-94BF95180816}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{2C8D019C-78E9-48FB-A199-9FDBEFBE2577}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{3F9F7CD5-DE6A-42FE-AE8D-E47EFB78608F}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{56DF6FDA-F45F-4CE8-8F0F-977A1B85BAFB}C:\program files\ijji\ijji reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\ijji\ijji reactor\reactor.exe | 
"UDP Query User{6343B1A9-45A0-4A28-88F1-C8659B8FB2AD}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{9E8C1D48-D146-4D37-981D-15B78B1D84AF}C:\users\jamil\desktop\programme\poison ivy\poison ivy 2.3.2.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\programme\poison ivy\poison ivy 2.3.2.exe | 
"UDP Query User{A35EB479-8C13-4FE0-890D-452324536F37}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{B5A3EE2B-D475-4AA6-9F87-3C9B78C08842}C:\users\jamil\saved games\worms_4_-_mayhem\worms 4 - mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=c:\users\jamil\saved games\worms_4_-_mayhem\worms 4 - mayhem\worms 4 mayhem.exe | 
"UDP Query User{C564B7BE-199B-410A-9F55-48B7A0A45FA5}C:\program files\die gilde 2 - gold edition\guildii.exe" = protocol=17 | dir=in | app=c:\program files\die gilde 2 - gold edition\guildii.exe | 
"UDP Query User{C5756753-E5BF-41F1-8F34-EB0C7D263575}C:\users\jamil\desktop\bowman installation\bowman\hl.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\bowman installation\bowman\hl.exe | 
"UDP Query User{DF927837-37AC-4BD8-AFE7-CEB3378887FF}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe | 
"UDP Query User{E057CE6E-99D1-4681-9288-2F4A80441716}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\mysql\bin\mysqld.exe | 
"UDP Query User{E49F5289-2401-439D-82C4-438CBA6D01A5}C:\users\jamil\desktop\xampp-win32-1.7.2\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\jamil\desktop\xampp-win32-1.7.2\xampp\apache\bin\httpd.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160140}" = Java(TM) SE Development Kit 6 Update 14
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{33BBE45C-6296-488A-B7D5-37E692E71B3F}" = TortoiseSVN 1.6.5.16974 (32 bit)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = DIE SIEDLER - Das Erbe der Könige
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCB313A5-1AD0-4829-9D6F-EB41C3CFCD4B}" = Phase 5 HTML-Editor
"{C0A5F1FA-C541-486A-A965-6C033F9AAD82}" = Videoraptor
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Chicken Invaders 2_is1" = Chicken Invaders 2 v2.40
"CrisisX_0" = CrisisX Client v8.5 
"Die Gilde 2 - Gold Edition" = Die Gilde 2 - Gold Edition
"Finale NotePad 2008" = Finale NotePad 2008
"Flugratten" = Flugratten (remove only)
"GhostMouse 2.0" = GhostMouse 2.0
"Google Chrome" = Google Chrome
"Gunz" = ijji - Gunz
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"League of Legends_is1" = League of Legends
"Local TCP Port Opener_is1" = Local TCP Port Opener 1.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Obsidium1.4" = Obsidium Software Protection System
"PFPortChecker" = PFPortChecker 1.0.32
"Polipo" = Polipo 1.0.4.1
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TalkAndWrite_is1" = TalkAndWrite
"TmNationsForever_is1" = TmNationsForever
"Tor" = Tor 0.2.1.25
"Trapcode Particular v2" = Trapcode Particular v2
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"Vidalia" = Vidalia 0.2.7
"Voozie Maker" = Voozie Maker
"Warcraft III" = Warcraft III
"Window Hide Tool_is1" = Window Hide Tool 2.0
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2819421788-1116645337-2531941000-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3668825e4f57a7ea" = Local TCP Port Opener
"CreepSmash.com" = CreepSmash.com
"Warcraft III" = Warcraft III: All Products
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.6.0
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.08.2010 10:04:46 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:05:17 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:05:25 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:05:38 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:05:47 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:05:56 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:06:24 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:06:41 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:07:06 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 23.08.2010 10:07:21 | Computer Name = James | Source = Windows Search Service | ID = 3013
Description = 
 
[ System Events ]
Error - 07.09.2010 12:55:37 | Computer Name = James | Source = bowser | ID = 8003
Description = 
 
Error - 08.09.2010 08:33:33 | Computer Name = James | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.09.2010 08:34:18 | Computer Name = James | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 08.09.2010 12:25:28 | Computer Name = James | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.09.2010 12:25:57 | Computer Name = James | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 09.09.2010 10:51:30 | Computer Name = James | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.09.2010 10:51:56 | Computer Name = James | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 09.09.2010 10:52:41 | Computer Name = James | Source = bowser | ID = 8003
Description = 
 
Error - 09.09.2010 12:51:49 | Computer Name = James | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.09.2010 12:52:18 | Computer Name = James | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
         

09.09.2010, 19:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
ok I did the scan with Malwarebytes ...
And where is the log from the full scan?
__________________
Please always post log files in CODE tags

12.09.2010, 14:38   #5
Lomoko

Here is the log from the full scan:


Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4555

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

12.09.2010 15:29:54
mbam-log-2010-09-12 (15-29-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 420985
Laufzeit: 1 Stunde(n), 41 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


12.09.2010, 21:12   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Datenbank Version: 4555
You did not update Malwarebytes beforehand. Please update and run a full scan.
Then post the new log, and all the others too if there are several from Malwarebytes.

17.09.2010, 15:22   #7
Lomoko

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4638

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

17.09.2010 16:20:43
mbam-log-2010-09-17 (16-20-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 422519
Laufzeit: 1 Stunde(n), 55 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

17.09.2010, 18:02   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Do you have any more logs from Malwarebytes? There is a new log after every run!

19.09.2010, 11:27   #9
Lomoko

Where do I find the logs? So far I have posted all the logs I got.

19.09.2010, 17:46   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Through the program itself, on the "Logdateien" (log files) tab

21.09.2010, 14:12   #11
Lomoko



Log file 1

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4555

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

06.09.2010 19:16:48
mbam-log-2010-09-06 (19-16-48).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 178291
Laufzeit: 6 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 6
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 7

Infizierte Speicherprozesse:
C:\Users\****\AppData\Local\Temp\Ond.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Public\jusched.exe (Trojan.Downloader) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\Users\****\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xbv6rd5szf (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\java developer script browse (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Users\****\AppData\Roaming\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Users\****\AppData\Local\Temp\Ond.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\****\AppData\Local\Temp\Onb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\****\AppData\Roaming\Bifrost\logg.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Users\****\AppData\Roaming\Bifrost\youCantsee.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Users\****\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Public\jusched.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

21.09.2010, 14:14   #12
Lomoko



Log file 2

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4555

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

07.09.2010 15:19:36
mbam-log-2010-09-07 (15-19-36).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 177708
Laufzeit: 9 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

21.09.2010, 14:14   #13
Lomoko



Log file 3

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4555

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

09.09.2010 18:50:06
mbam-log-2010-09-09 (18-50-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 420667
Laufzeit: 1 Stunde(n), 55 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\****\Desktop\Schule\Phäaken\Latein\Gta San Andreas\trainer.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

21.09.2010, 14:15   #14
Lomoko



Log file 4

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4555

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

12.09.2010 15:29:54
mbam-log-2010-09-12 (15-29-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 420985
Laufzeit: 1 Stunde(n), 41 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

21.09.2010, 14:15   #15
Lomoko



Log file 5

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4607

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

13.09.2010 20:15:31
mbam-log-2010-09-13 (20-15-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 215192
Laufzeit: 1 Stunde(n), 35 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
