| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 100 Tan TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.09.2010, 15:27
| #1 |
 |  100 Tan Trojaner Hallo! Ich habe mich hier angemeldet, da ich dringend Hilfe benötige. Ich habe mir den sogenannten 100-Tan Trojaner eingefangen. Beschreibung hier: hxxp://www.datensicherheit.de/aktuelles/100-tan-trojaner-bedroht-online-banking-10815 Genau so ist es bei mir, nach dem einloggen in mein Deutsche-Bank Konto, öffnet sich das Fenster welches mich zur Eingabe all meiner Tans auffordert. Das zudem in schlechtem Deutsch. Schließen lässt sich das Fenster nicht, es hilft nur das Browserfenster ganz zu schließen. Natürlich habe ich sofort meine Bank angerufen und Tanliste und Pin sperren lassen. Aber jetzt muss ich den Trojaner ja wieder loswerden. Ich habe Windows Vista installiert (und immer aktualisiert) und benutze den McAfee Virusscanner, auch auf dem aktuellsten Stand. Zudem habe ich Spybot S&D drüberlaufen lassen, der hat auch ein bisschen was gefunden und gelöscht, das Problem besteht aber weiterhin. Dummerweise habe ich nicht viel Ahnung von Computern, also ich bin eine reine Nutzerin, kann auch ein bisschen Html, aber was wirklich drinsteckt, keine Ahnung! Und wie ich den Trojaner loswerden kann, weiß ich noch weniger, ich habe schon rumgefragt und wie eine Irre gegoogelt, aber außer der Warnung nichts gefunden. Dabei ist die schon vom März, da müsste es doch mittlerweile ein "Gegenmittel" geben, oder? Ich habe OTL drüber laufen lassen und diese Meldung bekommen:OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.09.2010 22:35:39 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Alex\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,59 Gb Total Space | 62,48 Gb Free Space | 21,57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 931,28 Gb Total Space | 407,51 Gb Free Space | 43,76% Space Free | Partition Type: FAT32
Computer Name: ALEX-PC
Current User Name: Alex
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Alex\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Users\Alex\Downloads\stinger10101056.exe ()
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe (Hewlett-Packard Company)
========== Modules (SafeList) ==========
MOD - C:\Users\Alex\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (DAUpdaterSvc) -- C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe File not found
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\Sandra.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (cpuz132) -- C:\Users\Alex\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1
FF - prefs.js..extensions.enabledItems: {a3b24d40-bac4-11dc-95ff-0800200c9a66}:0.2.2
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009.12.29 13:28:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.01 11:53:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.14 21:36:48 | 000,000,000 | ---D | M]
[2009.03.19 00:11:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2010.09.26 15:02:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions
[2009.09.13 12:40:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.09 02:29:01 | 000,000,000 | ---D | M] (jDownFF) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66}
[2010.05.19 22:56:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\foxyproxy@eric.h.jung
[2009.05.11 20:51:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.21 19:30:30 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.12.21 19:30:30 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.12.21 19:30:30 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.12.21 19:30:30 | 000,000,986 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.12.21 19:30:30 | 000,000,801 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.01 13:50:44 | 000,000,964 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [LG Magnifier] C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe (LG Electronics Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [{5922F140-477B-367C-3581-9E8A4E0E9892}] C:\Users\Alex\AppData\Roaming\Moqaud\gidux.exe File not found
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1237055674647&h=49e6986c88dad41bf802c875eb09ed66/&filename=jinstall-6u12-windows-i586-jc.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.21 08:38:08 | 000,000,144 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - I:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2003.03.21 12:00:56 | 000,000,000 | RH-D | M] - I:\AUTORUN -- [ FAT32 ]
O33 - MountPoints2\{35eaa569-d00e-11dd-9650-001e68a5a781}\Shell\AutoRun\command - "" = E:\FrameworkCheck.exe -- [2008.12.01 10:05:40 | 000,049,152 | R--- | M] ()
O33 - MountPoints2\{536a2a80-4d0f-11de-910e-001e68a5a781}\Shell\AutoRun\command - "" = setup.exe
O33 - MountPoints2\{87d71230-f703-11de-97bd-001e68a5a781}\Shell - "" = AutoRun
O33 - MountPoints2\{87d71230-f703-11de-97bd-001e68a5a781}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{e18773f1-1303-11df-9f8a-000df0563adb}\Shell - "" = AutoRun
O33 - MountPoints2\{e18773f1-1303-11df-9f8a-000df0563adb}\Shell\AutoRun\command - "" = H:\Startme.exe -- File not found
O33 - MountPoints2\{f8622e54-9fb6-11df-b71c-000df0563adb}\Shell - "" = AutoRun
O33 - MountPoints2\{f8622e54-9fb6-11df-b71c-000df0563adb}\Shell\AutoRun\command - "" = H:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: HP Update 4200C - hkey= - key= - C:\sj655\hpupdate.exe File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - F:\Programme\I-Tunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: KeybdUtility - hkey= - key= - C:\Program Files\LG Software\LG OSD\HotKey.exe (LG Electronics)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 60 Days ==========
[2010.09.23 22:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010.09.23 22:29:53 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
[2010.09.23 20:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2010.09.23 20:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\WorldOfGoo
[2010.09.22 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\NinjaBlade
[2010.09.22 18:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\ND Games
[2010.09.21 17:55:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.09.21 17:55:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2010.09.19 18:55:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (2)
[2010.09.15 16:01:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner
[2010.09.15 11:36:17 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.09.12 21:41:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2010.09.12 12:31:59 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\storage
[2010.09.12 12:08:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.09.12 12:08:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.09.12 12:08:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.09.12 12:08:00 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.09.04 23:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.09.04 00:23:25 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Games for Windows - LIVE Demos
[2010.09.03 22:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Warhammer 40000 Dawn of War II - Chaos Rising
[2010.09.01 18:19:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Meine Spiele
[2010.09.01 17:54:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.09.01 17:54:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.09.01 17:54:33 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.09.01 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.09.01 00:00:18 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\2K Games
[2010.08.31 21:19:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Red Alert 3
[2010.08.31 19:44:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2010.08.28 01:03:13 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\SpieleEntwicklungsKombinat
[2010.08.28 00:52:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.08.28 00:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SpieleEntwicklungsKombinat
[2010.08.26 18:21:06 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Ironclad Games
[2010.08.26 16:42:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Stardock
[2010.08.26 16:41:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6C72D0C5-6D41-4646-A187-62A044E7F55E}
[2010.08.26 16:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2010.08.26 16:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2010.08.26 16:23:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6CB64CD5-C014-45A7-88E2-55D8C0DB6489}
[2010.08.26 16:23:48 | 000,000,000 | ---D | C] -- C:\Programme
[2010.08.26 16:23:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\PackageAware
[2010.08.24 23:23:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\AliensVsPredator
[2010.08.17 18:52:14 | 000,000,000 | ---D | C] -- C:\Games
[2010.08.15 12:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.13 14:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\hp deskjet 940c series
[2010.08.13 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010.08.13 13:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010.08.12 00:14:10 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.12 00:14:05 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.08.12 00:14:03 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.12 00:14:03 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.08.12 00:14:02 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.12 00:14:02 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.12 00:14:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.08.12 00:14:02 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.12 00:14:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.12 00:14:02 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.08.12 00:14:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.12 00:13:51 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.12 00:13:50 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.12 00:13:46 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.12 00:13:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.06 14:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010.08.04 15:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010.08.04 15:29:43 | 000,348,160 | ---- | C] (eJay AG) -- C:\Windows\System32\eJ_UniDialog.ocx
[2010.08.04 15:29:43 | 000,286,720 | ---- | C] (Ejay AG) -- C:\Windows\System32\EjWaveEditorCtrl.ocx
[2010.08.04 15:29:43 | 000,100,864 | ---- | C] (zwei) -- C:\Windows\System32\eJ_Explorer.ocx
[2010.08.04 15:29:43 | 000,077,824 | ---- | C] (eJay Entertainment GmbH) -- C:\Windows\System32\eJ_Enumerator.dll
[2010.08.04 15:29:42 | 000,236,032 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.08.04 15:29:42 | 000,159,744 | ---- | C] (Dart Communications) -- C:\Windows\System32\DartSock.dll
[2010.08.04 15:29:42 | 000,106,496 | ---- | C] (Dart Communications) -- C:\Windows\System32\DartWeb.dll
[2010.08.04 15:29:41 | 000,036,864 | ---- | C] (eJay) -- C:\Windows\System32\eJayWMExport.dll
[2010.08.04 15:29:35 | 000,000,000 | ---D | C] -- C:\eJay
[2010.08.04 15:29:19 | 000,097,280 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\System32\ccrpbds5.dll
[2010.08.01 13:44:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.08.01 13:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.02.06 23:15:49 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe4E89.dll
[8 C:\Users\Alex\Desktop\*.tmp files -> C:\Users\Alex\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2010.09.27 22:32:59 | 003,670,016 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT
[2010.09.27 21:57:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.27 21:11:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 21:11:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 21:08:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.27 18:45:10 | 065,362,881 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.09.27 18:21:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.09.26 17:41:20 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.09.26 17:41:20 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.09.26 17:41:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.25 16:41:59 | 000,247,808 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.25 00:01:15 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.24 00:07:17 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Play Rise of the Argonauts.lnk
[2010.09.22 22:24:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.22 22:23:25 | 3218,288,640 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.16 04:30:45 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.16 04:30:45 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.16 04:13:23 | 000,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.16 04:09:43 | 003,574,303 | -H-- | M] () -- C:\Users\Alex\AppData\Local\IconCache.db
[2010.09.15 16:18:12 | 000,176,230 | ---- | M] () -- C:\Users\Alex\Desktop\iphone3gs_3up.jpg
[2010.09.15 15:00:06 | 002,298,344 | ---- | M] () -- C:\Users\Alex\Desktop\DSC00675.JPG
[2010.09.06 18:02:24 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.06 18:02:24 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.06 18:02:24 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.06 18:02:24 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.06 18:02:24 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.04 23:45:56 | 000,000,712 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.26 14:34:41 | 000,234,381 | ---- | M] () -- C:\Users\Alex\Desktop\Unbenannt.jpg
[2010.08.13 14:25:34 | 000,003,854 | ---- | M] () -- C:\Windows\wsnk.his
[2010.08.13 14:25:34 | 000,001,016 | ---- | M] () -- C:\Windows\wsnk.ini
[2010.08.12 12:44:29 | 000,550,912 | ---- | M] () -- C:\Users\Alex\Documents\Dok1.doc
[2010.08.12 12:37:52 | 000,006,512 | ---- | M] () -- C:\Users\Alex\.recently-used.xbel
[2010.08.12 03:32:30 | 000,420,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.04 21:37:52 | 000,496,458 | ---- | M] () -- C:\Windows\t_eJay4.inf
[2010.08.04 15:32:19 | 000,001,481 | ---- | M] () -- C:\Users\Alex\Desktop\Techno eJay 4.lnk
[8 C:\Users\Alex\Desktop\*.tmp files -> C:\Users\Alex\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.25 00:01:15 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.24 00:07:17 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Play Rise of the Argonauts.lnk
[2010.09.15 16:18:04 | 000,176,230 | ---- | C] () -- C:\Users\Alex\Desktop\iphone3gs_3up.jpg
[2010.09.15 16:02:09 | 002,298,344 | ---- | C] () -- C:\Users\Alex\Desktop\DSC00675.JPG
[2010.09.05 21:22:01 | 402,297,213 | ---- | C] () -- C:\Users\Alex\Desktop\sighthd-bodyoflies-720p.mkv
[2010.09.04 23:45:56 | 000,000,712 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.26 14:34:38 | 000,234,381 | ---- | C] () -- C:\Users\Alex\Desktop\Unbenannt.jpg
[2010.08.13 14:23:20 | 000,003,854 | ---- | C] () -- C:\Windows\wsnk.his
[2010.08.13 14:23:20 | 000,001,016 | ---- | C] () -- C:\Windows\wsnk.ini
[2010.08.12 12:44:29 | 000,550,912 | ---- | C] () -- C:\Users\Alex\Documents\Dok1.doc
[2010.08.12 12:37:52 | 000,006,512 | ---- | C] () -- C:\Users\Alex\.recently-used.xbel
[2010.08.04 21:37:52 | 000,496,458 | ---- | C] () -- C:\Windows\t_eJay4.inf
[2010.08.04 15:32:19 | 000,001,481 | ---- | C] () -- C:\Users\Alex\Desktop\Techno eJay 4.lnk
[2010.08.04 15:29:42 | 000,029,696 | ---- | C] () -- C:\Windows\System32\pthread.dll
[2010.08.04 15:29:41 | 000,057,344 | ---- | C] () -- C:\Windows\System32\eJayxQuell.ax
[2010.08.04 15:29:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\eJayxWaveDest.ax
[2010.05.28 19:33:38 | 000,196,096 | ---- | C] () -- C:\Program Files\b1guninst100.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.01 15:47:27 | 000,000,871 | ---- | C] () -- C:\Windows\disney.ini
[2010.02.15 00:18:03 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.04 17:08:59 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.11.16 23:19:42 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.06.10 01:14:58 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.06.10 01:14:57 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.05.27 23:30:49 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.05.27 23:30:49 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.05.27 23:30:49 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.05.13 18:27:45 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.13 18:27:40 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.05.12 21:58:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.01.21 20:45:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.19 19:20:29 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2009.01.19 19:20:29 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2009.01.19 19:19:03 | 000,015,047 | ---- | C] () -- C:\Windows\HPSETUP.INI
[2008.12.28 00:47:39 | 000,247,808 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.23 23:03:36 | 000,022,328 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
[2008.12.22 13:07:33 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.12.22 11:42:59 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.06.24 02:04:30 | 000,000,946 | ---- | C] () -- C:\Windows\lgcenter.ini
[2008.06.24 01:33:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.06.24 01:23:59 | 000,000,212 | ---- | C] () -- C:\Windows\lgps.ini
[2007.10.02 22:58:12 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2008.12.21 00:15:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BITS
[2010.03.29 00:23:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BoneTown
[2008.12.22 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools
[2009.01.11 17:57:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2009.06.08 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Pro
[2009.01.11 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Engelmann Media
[2009.03.23 17:13:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\fretsonfire
[2010.08.12 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2010.09.17 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ
[2009.04.10 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\IrfanView
[2010.07.17 14:48:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Listing Factory 2009
[2010.09.12 21:41:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2009.11.16 23:22:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MAGIX
[2009.05.06 18:02:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.05.01 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.09.26 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2010.08.31 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2010.02.06 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.02.06 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony Setup
[2010.08.28 00:57:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.07.30 11:58:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SPORE
[2008.12.21 02:10:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SporeCreatureCreator
[2010.08.26 16:42:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Stardock
[2010.05.25 00:41:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2009.06.09 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Teeworlds
[2010.03.01 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Touchstone
[2010.08.01 13:44:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.09.05 11:16:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2010.09.27 22:45:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.03.27 17:29:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Zylom
[2010.09.16 04:13:29 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.02 17:45:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Adobe
[2009.05.19 22:18:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Apple Computer
[2009.08.19 21:47:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AVS4YOU
[2008.12.21 00:15:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BITS
[2010.03.29 00:23:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BoneTown
[2008.12.22 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools
[2009.01.11 17:57:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2009.06.08 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Pro
[2010.02.06 21:18:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\dvdcss
[2009.01.11 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Engelmann Media
[2009.03.23 17:13:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\fretsonfire
[2008.12.21 10:04:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Google
[2010.08.12 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2009.05.27 17:30:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Hamachi
[2010.09.17 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ
[2010.03.27 17:29:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Identities
[2010.03.01 15:46:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\InstallShield
[2009.04.10 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\IrfanView
[2010.07.17 14:48:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Listing Factory 2009
[2010.09.12 21:41:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2008.12.12 22:19:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Macromedia
[2009.11.16 23:22:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MAGIX
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Media Center Programs
[2009.05.06 18:02:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.05.01 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.06.04 20:56:24 | 000,000,000 | --SD | M] -- C:\Users\Alex\AppData\Roaming\Microsoft
[2010.09.26 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2009.03.19 00:11:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2008.12.23 14:05:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nero
[2010.08.31 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2008.12.23 21:00:25 | 000,000,000 | RH-D | M] -- C:\Users\Alex\AppData\Roaming\SecuROM
[2010.06.17 17:37:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Skype
[2010.06.17 17:37:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\skypePM
[2010.02.06 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.02.06 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony Setup
[2010.08.28 00:57:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.07.30 11:58:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SPORE
[2008.12.21 02:10:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SporeCreatureCreator
[2010.08.26 16:42:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Stardock
[2009.03.24 20:36:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\teamspeak2
[2010.05.25 00:41:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2009.06.09 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Teeworlds
[2009.06.01 22:35:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Toribash
[2010.03.01 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Touchstone
[2010.08.01 13:44:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.09.05 11:16:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2009.01.19 23:08:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\vlc
[2009.02.27 01:50:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Winamp
[2008.12.22 04:41:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WinRAR
[2010.09.27 22:45:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.03.27 17:29:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2010.08.13 13:44:15 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{2DE5FFD5-6130-4B89-803E-A49986220D55}\Toolbox_80B2BC9F0AAC4D259B78B2C92907081E.exe
[2010.03.29 00:06:45 | 000,003,774 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\BoneTown.exe
[2010.03.29 00:06:45 | 000,003,774 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\controlPanelIcon.exe
[2010.03.29 00:06:45 | 000,010,134 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\SystemFolder_msiexec.exe
[2009.06.04 19:34:14 | 000,000,766 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\ARPPRODUCTICON.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut1_3.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut2_1.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut3_3.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut4_1.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2008.04.21 03:29:56 | 000,394,776 | ---- | M] (Intel Corporation) MD5=8BD53925C5675BC9A5EFE12E2A42BE31 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_18bd4575\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.12.22 11:43:00 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
Ich hoffe ihr könnt mir helfen! Euer Alex |
|
28.09.2010, 15:31
| #2 |
| | 100 Tan Trojaner Das ist der andere Text:OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 27.09.2010 22:35:39 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Alex\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,59 Gb Total Space | 62,48 Gb Free Space | 21,57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 931,28 Gb Total Space | 407,51 Gb Free Space | 43,76% Space Free | Partition Type: FAT32
Computer Name: ALEX-PC
Current User Name: Alex
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05DEA939-2D94-4A48-8981-13EA79421043}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13726B3F-810D-42A9-9721-857852754FD5}" = lport=138 | protocol=17 | dir=in | app=system |
"{15CE95FC-86CC-432C-92DC-9370D6E1A1E8}" = lport=445 | protocol=6 | dir=in | app=system |
"{17FC73AF-6E0B-4D10-BE94-437D01A395BB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3D7BE7C1-36D1-4524-9708-E15E5CF6A1C5}" = rport=137 | protocol=17 | dir=out | app=system |
"{4F62A7B6-3FA6-451A-A9EB-9702A291CAA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{51436086-6561-4629-9D60-E4C3ADF6B8D0}" = lport=139 | protocol=6 | dir=in | app=system |
"{566C152B-8C28-43C3-8BC8-99F50B262D8D}" = rport=138 | protocol=17 | dir=out | app=system |
"{5B7E5A3B-2402-49F0-A7C7-240299C569B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5EEDAB70-1BD2-4522-A653-BCBD58EC8192}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6D2AF5F6-6063-4B27-9CDC-B27DEB6DD254}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E24E28D-3011-49FC-8DCA-C22514C3090A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{847F78E2-19DE-4B69-8814-2687A98BC6DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BF6F679-58FD-4904-9218-6BF60F2C1C1A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A25369E8-BE52-4EF5-BF1D-747DED54558E}" = rport=445 | protocol=6 | dir=out | app=system |
"{B125758C-F1C4-4E2C-A46C-1888AC82B0D4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B164A2FC-392D-491F-AB45-F8D4AB52C807}" = rport=139 | protocol=6 | dir=out | app=system |
"{CF2C616B-5A7B-407F-A2B9-85A805489A01}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DDC0F671-6ABE-454C-848C-47254DDBF99C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E20B6D68-2BE9-4547-8DB0-0B980255ECE4}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp1\wnt500x86\rpcsandrasrv.exe |
"{F70C33FC-7895-4F1A-99DA-70075D77C02C}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FAA904-7E3C-478B-A993-65B03A478B62}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{014E6DAD-94ED-4C72-8626-16E3BA988B4B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\the settlers - rise of an empire\base\bin\settlers6.exe |
"{04591AC9-01CA-437A-ADFD-7007210121B0}" = protocol=6 | dir=in | app=c:\program files\activision\prototype\prototypef.exe |
"{04929603-B12C-444D-8B0C-977A029FA532}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{04F6BB61-8CA3-427C-BDA6-819378086022}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\gu.exe |
"{05405CCD-B610-4C39-AD95-52CBB3B127E5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{093549BD-126C-4CD2-B04F-BD8909BFAE07}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{127BC309-DD15-4F7D-BD11-7907FFFC849C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{18817278-859A-4AD8-BBA2-CC232816907B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\gamesettings.exe |
"{1B284D67-9376-4863-81E1-549A3D33C946}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1D4241D9-B07C-4746-A0E6-D2315EAE850C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{23C279CE-23A3-494D-8D9E-E39314435091}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{245D3C34-DDA5-4203-A448-26AF5EBD4D2E}" = protocol=17 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{24EFFCAE-B529-4D8C-B0FC-34C4F0CA1CAF}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{2BF02DFA-5CF1-400D-B412-5258B0028C0D}" = protocol=6 | dir=in | app=c:\program files\spark unlimited\legendary\binaries\legendary.exe |
"{2E85D5A4-365A-43AB-817A-DCE3A82254DB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E86584B-D08E-4234-B7EA-45F1EE70869B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{309AED93-0FFF-4278-A452-AE569B386A26}" = protocol=17 | dir=in | app=c:\program files\ubisoft\the settlers - rise of an empire\base\bin\settlers6.exe |
"{31F71E48-3888-4239-9F6F-876C2759769E}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{349D4A5D-11C6-44AD-8F0F-54552E78F644}" = protocol=6 | dir=in | app=g:\games\games\battlefield 2\bf2.exe |
"{3548F3B0-F422-412A-8F6A-A229F23E2F89}" = protocol=17 | dir=in | app=c:\program files\unreal tournament 3 (lg)\binaries\ut3.exe |
"{35FF2AA7-5734-4A3D-8577-6CA83946DD8E}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{3AA89606-0B18-43C0-96F5-ECFFF5C15687}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{47B77D8D-12A9-44AA-B9F6-7B171A7BD509}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{4803A2CD-1B0F-4874-8DFE-118AAFB7DC0C}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe |
"{4CBB4BE3-E114-4632-ADC1-EB97A430FC80}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{5217A9A6-8FF4-45EB-92D1-6BB2028ACDD5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\gamesettings.exe |
"{52181002-9594-4FBD-8B8A-C8560A893A13}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{55C6AF0A-FB40-44B6-8305-5A0D38DF34FA}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{57E538C8-B295-4C4F-A703-0083431D13F1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{586ED842-321F-4BA9-AD5B-80717A1E4BF9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5E608EC1-70D3-4849-9DE9-F338938BFF01}" = protocol=6 | dir=in | app=c:\program files\ubisoft\james cameron's avatar - das spiel\bin\avatar.exe |
"{64897DE0-1ABA-48AD-8963-3C2E16806853}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{67B29CC0-926F-4C0D-9BCF-4AB84C3272A6}" = protocol=17 | dir=in | app=g:\games\games\battlefield 2\bf2.exe |
"{685F0A34-A86D-4D25-A0DA-8481612B90BF}" = protocol=17 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{6BF7B892-1495-4D36-A452-B0D21D682BE2}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe |
"{795E3560-C284-4CEA-B610-9D6345B88E0F}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe |
"{7A39727E-67A5-4AEC-902C-98D754F0B9B1}" = protocol=6 | dir=in | app=f:\programme\i-tunes\itunes.exe |
"{7BA899FD-00BD-465A-8D28-90C5E61D8015}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\prince of persia.exe |
"{7C6C0E0B-144A-49D1-A2C2-4DF3618DF1AA}" = protocol=17 | dir=in | app=c:\program files\activision\prototype\prototypef.exe |
"{7F2837B0-B325-46BD-AEE5-33555511B1CA}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{8E46A141-DFCA-4D2D-9F3B-F7C4A0598A88}" = protocol=17 | dir=in | app=c:\program files\spark unlimited\legendary\binaries\legendary.exe |
"{935AC838-1775-4C10-B95E-2CF6EAB104B4}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{93C428D0-1371-4889-8834-81722B4C710F}" = protocol=6 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{953D166A-5A73-47CF-A036-FECED1D208CD}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{955185CB-C523-4D06-A420-426AA8781401}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9DDC824F-B194-49B2-97F4-926C5C5678AE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{A31D78B4-613C-4600-A248-EB135250126A}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{A3550789-53C2-4234-B946-011F1E6E1204}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\gu.exe |
"{A53B65D3-F0BB-46B0-BC39-9B2E210D381D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A554C296-88E3-4992-BB79-9F0E3035991F}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{AB6560C8-A21D-4BC8-8F2D-4E8CF911420E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD1A62F0-419E-481F-AEC2-D12818C9B7B1}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{BBE8D562-FC3D-4716-A5CB-E67C688E278D}" = protocol=17 | dir=in | app=f:\games\games\stronghold 2\stronghold2.exe |
"{BDCC3475-9E66-46BF-82FC-552E950B1BB1}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{C1B4B707-A792-4AE7-93FB-54B0312709C9}" = protocol=6 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\uplaybrowser.exe |
"{C43979EA-77F5-4C15-B74C-7B0DC7C0370D}" = protocol=17 | dir=in | app=f:\programme\i-tunes\itunes.exe |
"{C4CF2A18-0313-425C-AB02-84F3371286F5}" = protocol=17 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{CE68F311-2465-482C-AA83-5737E7E06577}" = protocol=6 | dir=in | app=c:\program files\unreal tournament 3 (lg)\binaries\ut3.exe |
"{D55BD6F8-542E-405D-B3CC-CAC3D71316B9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D8930B3F-4424-414B-8FA4-C4C46C22662D}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{DE648890-9163-4BFA-BE2E-89FE21010835}" = protocol=17 | dir=in | app=c:\program files\ubisoft\james cameron's avatar - das spiel\bin\avatarlauncher.exe |
"{E0F90AB2-B508-4130-993A-056E8E73ADC1}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{E89AD5A8-46B5-4705-8C9B-CCF79D481040}" = protocol=6 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{EF0681D0-AA30-462F-9751-6AC505AA78A0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EFAEDB52-F29B-41BD-AAB3-FA80641337AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\prince of persia the forgotten sands\prince of persia.exe |
"{F1AE7726-AF10-4DB0-B9F4-62D2D1279A03}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe |
"{F2504334-F030-4C16-9374-16C5C08D3A39}" = protocol=6 | dir=in | app=c:\programme\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{F2F94443-D241-4242-AD72-E6FC5AECCEE9}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{F2FA262E-B119-4C2B-A9F3-77D71992E724}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F3BB14E8-5863-474F-8547-E89FFC909F8C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\james cameron's avatar - das spiel\bin\avatarlauncher.exe |
"{F52617C0-0915-45A1-8348-C2B70E4F1F8D}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{F55571A6-7876-4915-91F6-3389A8873E74}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe |
"{F5A15C7C-5FC0-4AA5-9E2B-81DCFE0B6165}" = protocol=6 | dir=in | app=f:\games\games\stronghold 2\stronghold2.exe |
"{F7D6368C-BA22-4526-BD20-2B1BFACB5B19}" = protocol=17 | dir=in | app=c:\program files\ubisoft\james cameron's avatar - das spiel\bin\avatar.exe |
"{FA853CC4-82AE-4500-9111-30FA29380853}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{069BC0AA-E359-4C3E-914F-0720A1C3BCA7}C:\users\alex\desktop\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\far cry 2\bin\farcry2.exe |
"TCP Query User{0895C5E2-98A3-481C-B818-E70A04166F6A}C:\program files\capcom\lost_planet_trial_dx9\lostplanetdx9.exe" = protocol=6 | dir=in | app=c:\program files\capcom\lost_planet_trial_dx9\lostplanetdx9.exe |
"TCP Query User{0C541019-0E06-413D-A71B-6EEA46D81959}C:\users\alex\desktop\counter-strike 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\cstrike.exe |
"TCP Query User{0C714477-9514-4AE9-A06F-5337858F387D}F:\games\games\demigod\bin\demigod.exe" = protocol=6 | dir=in | app=f:\games\games\demigod\bin\demigod.exe |
"TCP Query User{18D5F9D7-5633-40EE-A1D9-7B1BC945C01A}C:\program files\capcom\lost planet extreme condition\lostplanetdx10.exe" = protocol=6 | dir=in | app=c:\program files\capcom\lost planet extreme condition\lostplanetdx10.exe |
"TCP Query User{1D534177-418A-4E88-B64D-93DB3E1BC5C6}C:\users\alex\desktop\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\games\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{1F247D7D-8F9F-499A-882A-ABB9BFA9F444}C:\users\alex\desktop\demigod\bin\demigod.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\demigod\bin\demigod.exe |
"TCP Query User{220FE586-5F73-473C-8AD6-638B8B564575}C:\users\alex\desktop\diablo ii m1\d2loader-1.12.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\diablo ii m1\d2loader-1.12.exe |
"TCP Query User{311DA917-D505-4196-9379-BC94E1E7B33E}G:\games\games\worms 3d oda so\worms 4 mayhem.exe" = protocol=6 | dir=in | app=g:\games\games\worms 3d oda so\worms 4 mayhem.exe |
"TCP Query User{35C3308A-6356-43BA-830A-30B057AF234D}F:\games\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=f:\games\games\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{3BAC3E13-7EFA-4CBE-AB65-666A663088F7}C:\program files\warhammer 40000 dawn of war ii - chaos rising\dow2.exe" = protocol=6 | dir=in | app=c:\program files\warhammer 40000 dawn of war ii - chaos rising\dow2.exe |
"TCP Query User{3C65DB79-5418-40CB-8011-7FC720D700A4}C:\program files\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"TCP Query User{400052A1-BA61-474D-9889-0862BD1CA3CF}C:\users\alex\desktop\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\hl.exe |
"TCP Query User{40FB5D0B-EDEB-4415-A9EA-6182947541FA}C:\users\alex\desktop\cs\valve\hl.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\cs\valve\hl.exe |
"TCP Query User{440BCC73-C947-42F2-88D0-86DC142A44E1}F:\games\games\lost planet extreme condition\lostplanetdx10.exe" = protocol=6 | dir=in | app=f:\games\games\lost planet extreme condition\lostplanetdx10.exe |
"TCP Query User{44D45088-DDE1-4B3E-A2FC-473BE011B3DB}C:\users\alex\desktop\programme\cs\valve\hl.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\programme\cs\valve\hl.exe |
"TCP Query User{4739F7F6-0D9F-4C02-ABB1-C6A90C75D90B}C:\program files\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\team fortress 2\hl2.exe |
"TCP Query User{4E748D87-4E50-40EC-9739-CD1496FAA1D6}C:\users\alex\desktop\games\call of duty 5 - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\games\call of duty 5 - world at war\codwaw.exe |
"TCP Query User{52D73970-6BE2-4B66-ABCB-2DCFC0CDD05A}C:\program files\flashget network\flashget universal\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget universal\flashget.exe |
"TCP Query User{538EE0CC-4950-4CB5-A86B-E8529CC78343}C:\users\alex\desktop\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\warcraft iii\war3.exe |
"TCP Query User{54B83744-76A0-4DA7-9105-ECB9879BDD8E}C:\users\alex\desktop\rockstar games\gta2\gta2.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\rockstar games\gta2\gta2.exe |
"TCP Query User{5FF58B7B-C6F9-4700-9266-4C3A3245D3E9}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{6016C413-EAC9-41DF-9BB8-9EAF66B0DA33}G:\games\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=g:\games\games\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{609841F5-40DF-409C-B0AC-777EF41A6906}C:\users\alex\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{63E68962-71ED-4F95-940E-A8252A91AD8C}C:\users\alex\desktop\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\battlefield vietnam\bfvietnam.exe |
"TCP Query User{6C2788DB-F65A-4840-8F89-C5AD61B00DE5}C:\users\alex\desktop\diablo ii m1\game.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\diablo ii m1\game.exe |
"TCP Query User{70A5EBD3-15DE-495F-BEC2-FC4980F54E42}C:\program files\serious sam 2 demo\bin\sam2.exe" = protocol=6 | dir=in | app=c:\program files\serious sam 2 demo\bin\sam2.exe |
"TCP Query User{757193A8-53AA-4317-B926-4D8C806ACF09}G:\games\games\demigod\bin\demigod.exe" = protocol=6 | dir=in | app=g:\games\games\demigod\bin\demigod.exe |
"TCP Query User{7A1886D7-9686-410C-81DF-0FA1174FEDAC}I:\spiele\gta 2\gta2\gta2.exe" = protocol=6 | dir=in | app=i:\spiele\gta 2\gta2\gta2.exe |
"TCP Query User{7E6086A3-2476-4C3B-AEEA-BEA7AF20D38D}C:\users\alex\desktop\programme\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\programme\warcraft iii\war3.exe |
"TCP Query User{80915A7B-1E57-4208-A624-A0F03EAEB74B}F:\games\games\lost planet extreme condition\lostplanetdx9.exe" = protocol=6 | dir=in | app=f:\games\games\lost planet extreme condition\lostplanetdx9.exe |
"TCP Query User{8328DF78-95FB-4877-8505-78F93F001EEE}C:\program files\ea games\command & conquer the first decade\command & conquer renegade(tm)\renegade\game.exe" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer the first decade\command & conquer renegade(tm)\renegade\game.exe |
"TCP Query User{898F2A63-AC14-43FC-A1B8-FC260CEFC281}C:\users\alex\desktop\ut3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\ut3\binaries\ut3.exe |
"TCP Query User{8AB8AA0F-2F1C-4200-B62D-C5BB5E692637}C:\program files\hp\hp officejet pro k550 series\toolbox\hpwutbx.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro k550 series\toolbox\hpwutbx.exe |
"TCP Query User{8CEC23A9-D2A7-4C2E-8FB1-1263DA887AC8}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{8EA4C452-4BBE-458B-A3A6-71B12575D817}C:\program files\serious sam 2\bin\sam2.exe" = protocol=6 | dir=in | app=c:\program files\serious sam 2\bin\sam2.exe |
"TCP Query User{8F9E586B-C4E3-4B8C-B846-626E91E2E8D5}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{8FA67AC1-C3FD-4CAF-824C-545CCF822712}C:\users\alex\desktop\counter-strike 1.6\hltv.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\hltv.exe |
"TCP Query User{90DC2499-A328-4A0A-A614-18125887F963}F:\games\games\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=f:\games\games\far cry 2\bin\farcry2.exe |
"TCP Query User{91F68E62-FB78-4905-905C-8A124DECF138}C:\users\alex\desktop\call of duty 5 - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\call of duty 5 - world at war\codwawmp.exe |
"TCP Query User{942E7853-7FDE-4457-8275-A528E1DB52CB}C:\users\alex\desktop\neuer ordner (2)\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\binaries\ut3.exe |
"TCP Query User{9AC8D003-4EFB-42A7-B6DF-C55C9A75A1FB}C:\program files\activision\rome - total war\rometw-alx.exe" = protocol=6 | dir=in | app=c:\program files\activision\rome - total war\rometw-alx.exe |
"TCP Query User{A35A29C0-B18E-40A0-9A59-3BBEDD1C8D22}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A3C9F670-8350-4113-9BB6-D65879611B9F}C:\program files\fox\aliens vs. predator 2\lithtech.exe" = protocol=6 | dir=in | app=c:\program files\fox\aliens vs. predator 2\lithtech.exe |
"TCP Query User{ADDF9ED7-919B-4CBF-B52D-8AC4F5CD128F}C:\team17\worms2\frontend.exe" = protocol=6 | dir=in | app=c:\team17\worms2\frontend.exe |
"TCP Query User{BAA958AD-7EBE-4A96-B44F-C83F28E624C9}C:\users\alex\desktop\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\flatout2\flatout2.exe |
"TCP Query User{BE1F8EAB-DE6C-467D-895A-920A8B0F53ED}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{BEE9C6D8-8366-42AC-B31A-50EF68A9D074}C:\program files\ubisoft\assassin's creed ii\server.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\server.exe |
"TCP Query User{C225B86E-11F0-4880-A7F2-DAE4CF8F3AB7}C:\program files\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\dead space\dead space.exe |
"TCP Query User{C49BDA92-86A5-4FE5-8778-AD73217E4A4C}C:\users\alex\desktop\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\age of empires iii\age3.exe |
"TCP Query User{C4E3B509-6AAD-4303-815C-D097ED09D8F8}C:\users\alex\desktop\games\call of duty 5 - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\games\call of duty 5 - world at war\codwawmp.exe |
"TCP Query User{D2613253-B76A-4768-942D-2DAE4B6EBFF0}C:\team17\worms world party\wwp.exe" = protocol=6 | dir=in | app=c:\team17\worms world party\wwp.exe |
"TCP Query User{D36C5BFD-083A-46A1-A086-297F16D81C35}C:\program files\steamless left4dead2 pack\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steamless left4dead2 pack\left4dead2.exe |
"TCP Query User{D677BABA-242D-402E-B431-0CDA7BC4AD7C}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{E0D4FCF7-2BC7-4473-A635-C831ACA266EF}C:\users\alex\desktop\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\left 4 dead\left4dead.exe |
"TCP Query User{E52CE778-59EA-482D-B3F8-4ED75BF68F6F}C:\users\alex\desktop\neuer ordner (2)\ut3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\ut3\binaries\ut3.exe |
"TCP Query User{E93BB292-7D70-45CD-A172-0ED9289D5CF0}C:\users\alex\desktop\call of duty 5 - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\call of duty 5 - world at war\codwaw.exe |
"TCP Query User{F9A7C04D-5FDB-4D75-A13D-061581FFD98D}G:\games\games\timeshift\bin\timeshift.exe" = protocol=6 | dir=in | app=g:\games\games\timeshift\bin\timeshift.exe |
"TCP Query User{FA6C2536-B908-4A89-907B-E3B288E70F87}C:\program files\touchstone\turok\binaries\turokgame.exe" = protocol=6 | dir=in | app=c:\program files\touchstone\turok\binaries\turokgame.exe |
"UDP Query User{01AAB45A-6B6F-478F-B263-8E7CA88A754E}C:\users\alex\desktop\counter-strike 1.6\hltv.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\hltv.exe |
"UDP Query User{0D62D8C0-4EAE-446E-A12A-3C2560366EE7}G:\games\games\worms 3d oda so\worms 4 mayhem.exe" = protocol=17 | dir=in | app=g:\games\games\worms 3d oda so\worms 4 mayhem.exe |
"UDP Query User{155F71FE-5518-41AE-A0D1-4A204CD4FE22}C:\program files\touchstone\turok\binaries\turokgame.exe" = protocol=17 | dir=in | app=c:\program files\touchstone\turok\binaries\turokgame.exe |
"UDP Query User{18C5DEC3-7D25-4A70-A1F3-272B5CBB7538}C:\users\alex\desktop\call of duty 5 - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\call of duty 5 - world at war\codwaw.exe |
"UDP Query User{1B22FE96-23FB-4A3A-AF6F-87530B61C560}C:\users\alex\desktop\counter-strike 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\cstrike.exe |
"UDP Query User{1D44EA8B-6F72-45B3-B56B-62F831410364}C:\team17\worms2\frontend.exe" = protocol=17 | dir=in | app=c:\team17\worms2\frontend.exe |
"UDP Query User{23F7B58D-4894-4B6A-B03A-0F76D82794C0}C:\program files\warhammer 40000 dawn of war ii - chaos rising\dow2.exe" = protocol=17 | dir=in | app=c:\program files\warhammer 40000 dawn of war ii - chaos rising\dow2.exe |
"UDP Query User{2C019F9F-B65A-476E-AA8E-C3864F794B45}C:\users\alex\desktop\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\games\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{34BE4F23-D85F-4DAB-AE54-EFB1270E5FCE}C:\users\alex\desktop\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\age of empires iii\age3.exe |
"UDP Query User{353684D7-C5C1-43C8-AA01-6B89EB343222}C:\users\alex\desktop\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\battlefield vietnam\bfvietnam.exe |
"UDP Query User{3897A06A-8874-42A4-99FB-03C99140E1FD}C:\users\alex\desktop\games\call of duty 5 - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\games\call of duty 5 - world at war\codwaw.exe |
"UDP Query User{503AF0F3-FAF5-4928-A464-829873BE643E}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{51D0F300-4E9A-4C75-B712-0E013090089F}F:\games\games\lost planet extreme condition\lostplanetdx10.exe" = protocol=17 | dir=in | app=f:\games\games\lost planet extreme condition\lostplanetdx10.exe |
"UDP Query User{5311A929-2D48-444B-A150-E54836DE8D30}C:\users\alex\desktop\call of duty 5 - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\call of duty 5 - world at war\codwawmp.exe |
"UDP Query User{572A37D5-9C1D-4AA5-A2DD-843DF5D32BD5}C:\program files\flashget network\flashget universal\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget universal\flashget.exe |
"UDP Query User{5E2F454F-D4D8-428E-898C-F1026DA0B781}C:\program files\ea games\command & conquer the first decade\command & conquer renegade(tm)\renegade\game.exe" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer the first decade\command & conquer renegade(tm)\renegade\game.exe |
"UDP Query User{655DDAF0-17D0-4A5C-A0D8-C3235350EE23}C:\program files\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\dead space\dead space.exe |
"UDP Query User{65E6FA17-7DA7-4B15-9157-8A1A5A4FDEA5}G:\games\games\timeshift\bin\timeshift.exe" = protocol=17 | dir=in | app=g:\games\games\timeshift\bin\timeshift.exe |
"UDP Query User{6D3EF75A-D1C7-4B6A-9BDF-08DA2F8E0B6D}F:\games\games\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=f:\games\games\far cry 2\bin\farcry2.exe |
"UDP Query User{6F685413-856D-44EE-A5AC-4D291750F7DE}C:\users\alex\desktop\rockstar games\gta2\gta2.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\rockstar games\gta2\gta2.exe |
"UDP Query User{72506D49-E15E-40B1-AD94-505D7FCE250A}F:\games\games\lost planet extreme condition\lostplanetdx9.exe" = protocol=17 | dir=in | app=f:\games\games\lost planet extreme condition\lostplanetdx9.exe |
"UDP Query User{730DB9E3-801D-4250-8BF3-91B578BD121E}C:\program files\serious sam 2\bin\sam2.exe" = protocol=17 | dir=in | app=c:\program files\serious sam 2\bin\sam2.exe |
"UDP Query User{8816AE3C-51E5-4E67-90E8-12E178890C05}C:\users\alex\desktop\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\flatout2\flatout2.exe |
"UDP Query User{88A30890-6CBD-4518-97B4-9EC4A8C5C382}C:\users\alex\desktop\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\left 4 dead\left4dead.exe |
"UDP Query User{8ACEFE6E-CE3C-4B38-B178-649380320DDD}C:\program files\activision\rome - total war\rometw-alx.exe" = protocol=17 | dir=in | app=c:\program files\activision\rome - total war\rometw-alx.exe |
"UDP Query User{9415EE2A-00C0-4436-A9CA-FE1E03D275FE}C:\users\alex\desktop\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\warcraft iii\war3.exe |
"UDP Query User{971D6578-04D4-4B06-84FF-C465C6020D93}C:\users\alex\desktop\ut3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\ut3\binaries\ut3.exe |
"UDP Query User{A3922BBC-3430-442D-8945-4C98EB1C9BAF}C:\users\alex\desktop\neuer ordner (2)\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\binaries\ut3.exe |
"UDP Query User{A43F52CC-DDD5-4710-87CD-77907944ED7F}C:\program files\steamless left4dead2 pack\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steamless left4dead2 pack\left4dead2.exe |
"UDP Query User{A5C9C2A1-61E9-4743-88D6-58D7C1CD83FC}C:\program files\fox\aliens vs. predator 2\lithtech.exe" = protocol=17 | dir=in | app=c:\program files\fox\aliens vs. predator 2\lithtech.exe |
"UDP Query User{A6DC65C5-3B18-459A-B588-00F6418E38B8}C:\users\alex\desktop\cs\valve\hl.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\cs\valve\hl.exe |
"UDP Query User{A938ACB1-908D-4E2A-9491-84AC1064E867}C:\users\alex\desktop\programme\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\programme\warcraft iii\war3.exe |
"UDP Query User{A991FA4D-C9DB-4309-AE8F-FFBE887E5088}C:\program files\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\team fortress 2\hl2.exe |
"UDP Query User{AAB4ABD3-A756-493A-AB88-4C16A7C00A55}G:\games\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=g:\games\games\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{AD264586-98F7-49E6-9022-B327C9A2EA3E}I:\spiele\gta 2\gta2\gta2.exe" = protocol=17 | dir=in | app=i:\spiele\gta 2\gta2\gta2.exe |
"UDP Query User{ADF12AE5-DDED-483B-AB1F-5C458DEFD649}C:\users\alex\desktop\diablo ii m1\game.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\diablo ii m1\game.exe |
"UDP Query User{B7354F6B-F75A-49DF-9C22-3BEADFE9B7FF}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{B9478EF0-D4F2-4D19-B78D-957F4A27E335}C:\program files\hp\hp officejet pro k550 series\toolbox\hpwutbx.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro k550 series\toolbox\hpwutbx.exe |
"UDP Query User{BA469EAC-12E7-4B9D-A032-55933D81AD36}F:\games\games\demigod\bin\demigod.exe" = protocol=17 | dir=in | app=f:\games\games\demigod\bin\demigod.exe |
"UDP Query User{BB70EA51-8556-4493-8AFD-2F1424C10D5E}C:\users\alex\desktop\programme\cs\valve\hl.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\programme\cs\valve\hl.exe |
"UDP Query User{BC74B07C-0F1C-4727-A7B0-A2368BAF9030}C:\team17\worms world party\wwp.exe" = protocol=17 | dir=in | app=c:\team17\worms world party\wwp.exe |
"UDP Query User{BE2788A7-C764-455E-88F9-46558DEF04F5}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{C470D634-5CD9-440E-9990-939E895E061B}C:\program files\ubisoft\assassin's creed ii\server.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\server.exe |
"UDP Query User{C724D162-7E02-4D41-9862-00C2931CEBA8}F:\games\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=f:\games\games\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{C78DEC53-56DA-4BA4-B5BC-10A2670C4317}C:\program files\capcom\lost planet extreme condition\lostplanetdx10.exe" = protocol=17 | dir=in | app=c:\program files\capcom\lost planet extreme condition\lostplanetdx10.exe |
"UDP Query User{CED08A92-F8F1-4E87-BD06-4C633FD94316}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{D08A6033-D416-4039-B310-6394E9268A58}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D543D82C-28EA-4CA0-8303-450D235653BC}C:\users\alex\desktop\diablo ii m1\d2loader-1.12.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\diablo ii m1\d2loader-1.12.exe |
"UDP Query User{DAEA54EB-B621-4429-8A98-4F6A93D0C9C3}C:\users\alex\desktop\neuer ordner (2)\ut3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\ut3\binaries\ut3.exe |
"UDP Query User{DD26183C-364D-43D5-A6F9-6676D6CC4187}C:\users\alex\desktop\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\far cry 2\bin\farcry2.exe |
"UDP Query User{DE239762-75BD-4F0F-858E-6C72B0F5A646}C:\users\alex\desktop\games\call of duty 5 - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\games\call of duty 5 - world at war\codwawmp.exe |
"UDP Query User{DFA4D754-A71E-4E58-B885-1058678FBD8D}C:\program files\capcom\lost_planet_trial_dx9\lostplanetdx9.exe" = protocol=17 | dir=in | app=c:\program files\capcom\lost_planet_trial_dx9\lostplanetdx9.exe |
"UDP Query User{DFC6BE37-CD58-41C4-A679-0DA7F47A9B05}C:\program files\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{E33D08F7-15DA-48A9-920A-F0EF276A09E0}C:\users\alex\desktop\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\counter-strike 1.6\hl.exe |
"UDP Query User{E371018D-AE65-4626-A439-3D89C24D8A67}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{E75B01D0-8266-4E3B-A5BD-D709DBA1EBD7}C:\program files\serious sam 2 demo\bin\sam2.exe" = protocol=17 | dir=in | app=c:\program files\serious sam 2 demo\bin\sam2.exe |
"UDP Query User{F20739A8-95A0-493F-B60F-5F1B03AEDDAC}G:\games\games\demigod\bin\demigod.exe" = protocol=17 | dir=in | app=g:\games\games\demigod\bin\demigod.exe |
"UDP Query User{F772BCED-31E8-4196-8726-42F362439AA0}C:\users\alex\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{FAB0D425-0244-402F-B1B6-6DD9E075DCFB}C:\users\alex\desktop\demigod\bin\demigod.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\demigod\bin\demigod.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06F478B0-053F-45C7-B7F4-B81520345720}" = Ninja Blade
"{20165891-91F8-45F9-A90A-307C7179C515}" = Sins of a Solar Empire - Trinity
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{2DE5FFD5-6130-4B89-803E-A49986220D55}" = HP Officejet Pro K550 Series Toolbox
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{5C3C9D49-6596-4F68-87DD-E56CC003FCA3}_is1" = Listing Factory 2009 v3.5
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{837B34E3-7C30-493C-8F6A-2B0F04E2912C}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EAA01BA0-6991-4296-A404-4FFF2DAC2225}" = ParaWorld
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"Google Chrome" = Google Chrome
"Impulse" = Impulse
"InstallShield_{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"Just Cause 2_is1" = Just Cause 2
"King Arthur_is1" = King Arthur
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Monkey Island 2 LeChucks Revenge Special Edition_is1" = Monkey Island 2 LeChucks Revenge Special Edition
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Sins of a Solar Empire - Trinity" = Sins of a Solar Empire - Trinity
"Sniper Ghost Warrior Update 2_is1" = Sniper Ghost Warrior Update 2
"Sniper Ghost Warrior Update 3_is1" = Sniper Ghost Warrior Update 3
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Techno eJay 4" = Techno eJay 4 - Deinstallation
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.9
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Insaniquarium Deluxe" = Insaniquarium Deluxe
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
28.09.2010, 15:37
| #3 |
  | 100 Tan Trojaner Hallo Alex und
__________________ Du hast ja schon einige Vorarbeit geleistet. Dennoch, damit wir dir kompetent zur Seite stehen können, lies dir bitte F o l g e n d e s durch und befolge die Anweisungen. Poste im Anschluß alle angeforderten Logs hier ( wird auch im Thema beschrieben wie... )
__________________ |
|
29.09.2010, 11:52
| #4 |
| | 100 Tan Trojaner Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4705 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 28.09.2010 19:44:16 mbam-log-2010-09-28 (19-44-16).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|I:\|) Durchsuchte Objekte: 572618 Laufzeit: 19 Stunde(n), 3 Minute(n), 36 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 1 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\{NSINAME} (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{5922f140-477b-367c-3581-9e8a4e0e9892} (Trojan.ZbotR.Gen) -> Delete on reboot. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: C:\Program Files\WinZix (Trojan.Swizzor) -> Quarantined and deleted successfully. Infizierte Dateien: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\videosoft\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully. |
|
29.09.2010, 11:54
| #5 |
| | 100 Tan Trojaner Brauchst du noch was? Ich weiß nicht genau was ich jetzt machen muss... |
|
01.10.2010, 09:58
| #6 |
| | 100 Tan Trojaner Zuerst solltest du dies zur Kenntnis nehmen: Dein System ist kompromitiert, es kann sein, dass sich u.a. auch noch ein rootkit in deinem System versteckt: Was zum lesen vorab Erklärung Rootkit: Der Begriff beschreibt ein kleines Tool, das sich in ein Betriebssystem eingräbt und dort als Deckmantel für weitere Programme dient. In einem Rootkit können sich Viren ebenso verstecken wie ausgefeilte Spionagetools. Das Perfide: Während diese Programme sonst von jedem Virenscanner früher oder später erkannt würden, fallen sie dem System dank der Tarnung durch das Rootkit nicht mehr auf. Erst wenn diese Tarnung fällt, ist der Virus verwundbar... DRINGENDER HINWEIS VORWEG: KEIN ONLINEBANKING, EBAY etc. MEHR Absolutes MUSS, ohne wenn und aber.....Informiere Deine Bank Hinweis: kompromitierte Systeme sollten neu aufgesetzt und abgesichert werden Anleitung: Neuaufsetzen des Systems + Absicherung Um den Virus zu entfernen, um sicher Backups zu machen oder obigen Hinweis aus diversen Gründen zu ignorieren, befolge folgende Schritte: Natürlich alles unter dem Hinweis das die ganze Sache auch schiefgehen kann und du um ein Neuaufsetzen nicht herumkommen wirst. Lade dir folgende Software herunter und installiere diese, bitte unternehme nichts auf eigene Faust sondern folge den folgenden Anweisungen. VORWEG: Die Reihenfolge sollte unbedingt eingehalten werden..... Code:
ATTFilter Download von CCleaner Anleitung: CCleaner <----dl Link in der Erklärung...LESEN!!! Download von Gmer Downlad von HiJackThis Lies dir die Anweisungen zu Malwarebytes und CCleaner aufmerksam durch und befolge die Schritte genau, ggf. drucke sie dir aus. Punkt 1. Bitte deaktiviere deine Systemwiederherstellung: Vista, so gehts Punkt 2. Mache alle Dateien deines System so sichtbar. versteckte und Systemdateien anzeigen ) Punkt 3. Dann wirst du CCleaner aktivieren, wie beschrieben vorgehen und zwar so lange bis das keine Fehler mehr angezeigt werden. Punkt 4. Hiernach einen Malwarebytes Scan ( Full Scan ) und das Logfile hier posten....( wenns nicht läuft benenne die MBAM.exe um in Hups.exe und versuchs dann. Einige Viren verhindern die Ausführung von AV Programmen. Lasse zum Abschluß alle Funde löschen Punkt 5. Ich brauche danach einen HijackThis Log, poste ihn bitte hier... Punkt 6. Hiernach öffnest du GMER und lässt bei diesem Programm ebenfalls einen Scan durchführen, poste das Logfile hier. Bevor du es auf deinen Desktop ( Muss auf den Desktop ) speicherst nennst du das file in Huppala.exe um. Wenn es funktioniert, dann bitte ausführen und die Logfile posten bzw. bei - Ihr kostenloser File Hoster! uploaden und Link posten. Danach schauen wir mal weiter.... Gutes Gelingen
__________________ --> 100 Tan Trojaner Geändert von Redwulf (01.10.2010 um 10:41 Uhr) Grund: Links hinzu gefügt |
|
01.10.2010, 23:30
| #7 |
| | 100 Tan Trojaner Danke schonmal für deine Hilfe. Hier sind Daten von Malware bytes: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4728 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 02.10.2010 00:25:31 mbam-log-2010-10-02 (00-25-31).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|I:\|) Durchsuchte Objekte: 557191 Laufzeit: 2 Stunde(n), 40 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
02.10.2010, 14:49
| #8 |
| | 100 Tan Trojaner Lechs, bitte schau nochmal in meinen Post. Du musst die Reihenfolge einhalten... Hast du entsprechend der Anweisungen vorher CCleaner laufen lassen? Hast du die Systemwiederherstellung deaktiviert und alle Dateien deines Systems sichtbar gemacht.? Ich vermisse die Logs, ich kann dir sonst nicht weiter helfen. Ich muss sehen was in deinem System los ist, ansonsten kann ich dir nur raten dein System neu aufzusetzen. Ich bin auf Info angewiesen.....
__________________ Quidquid agis prudenter agas et respice finem Was auch immer du tust, tu es klug und bedenke die Folgen --------------------------------------------------------------------------------- Wenn ich nach 24 Stunden nicht antworte, bitte kurze PM |
|
02.10.2010, 15:08
| #9 |
| | 100 Tan Trojaner Hap die schritte 1-4 befolgt und die Daten gepostet. jetzt hänge ich bei schritt 5 mit dem HiJack This. Das programm gibt mir eine Fehlermeldung sobald ich auf: Do a system scan and save logfile klicke. Was muss ich nun machen? |
|
02.10.2010, 15:32
| #10 |
| | 100 Tan TrojanerCode:
ATTFilter Hap die schritte 1-4 befolgt und die Daten gepostet.
Wie lautet die Fehlermeldung von HiJack This?
__________________ Quidquid agis prudenter agas et respice finem Was auch immer du tust, tu es klug und bedenke die Folgen --------------------------------------------------------------------------------- Wenn ich nach 24 Stunden nicht antworte, bitte kurze PM |
|
02.10.2010, 16:26
| #11 |
| | 100 Tan Trojaner Das hier ist die Meldung: hxxp://imagefrog.net/show.php/120639_Unbenannt.jpg Und das sind die Daten: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4728 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 02.10.2010 00:25:31 mbam-log-2010-10-02 (00-25-31).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|I:\|) Durchsuchte Objekte: 557191 Laufzeit: 2 Stunde(n), 40 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
04.10.2010, 18:05
| #12 |
| | 100 Tan Trojaner kann mir bitte bitte einer weiterhelfen. Ich brauche meinen Rechner umbedingt voll funktionstüchtig mfg Lechs |
|
05.10.2010, 17:25
| #13 |
| | 100 Tan Trojaner Lechs ich hatte dich gebeten, alle Dinge als Administrator auszuführen. Ich denke das ist das Problem bei HiJack This. Falls nicht, sehe nochmals in der Fehlermeldung nach. Hier wird dir der vollstände Pfad angegeben, in dem du ggf. die Host Datei bis auf die Local Host editieren, sprich löschen musst. Desweiteren fehlen mir immer noch sämtliche Logs. Das Malwarebytes Log genügt da nicht alleine. Also bitte frisch ans Werk Code:
ATTFilter Download von CCleaner Anleitung: CCleaner <----dl Link in der Erklärung...LESEN!!! Download von Gmer Downlad von HiJackThis DANN das Log von Hijack This und GMER hier POSTEN
__________________ Quidquid agis prudenter agas et respice finem Was auch immer du tust, tu es klug und bedenke die Folgen --------------------------------------------------------------------------------- Wenn ich nach 24 Stunden nicht antworte, bitte kurze PM |
|
06.10.2010, 17:20
| #14 |
| | 100 Tan Trojaner Nun ist die Fehlermeldung weg aber nach dem Scan gibt mir Hijack nur eine leere textdatei. Hab das Programm neu instaliert hat aber nichts gebracht. Wodran kann das liegen? |
|
07.10.2010, 07:47
| #15 |
| | 100 Tan Trojaner Lass bitte mal GMER laufen.... und nicht vergessen posten
__________________ Quidquid agis prudenter agas et respice finem Was auch immer du tust, tu es klug und bedenke die Folgen --------------------------------------------------------------------------------- Wenn ich nach 24 Stunden nicht antworte, bitte kurze PM |
|
Linear-Darstellung
