Pests of all kinds and how to fight them: Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll
Windows 7
27.02.2011, 16:03 | #1 |
Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll

Hello. My antivirus program, Avira Antivir Premium, has detected a Trojan (see title), but it cannot be deleted. By now my browser only partly works, and everything hangs or does not work at all. In addition, transparent folders that were not there before are now shown in every directory. I am not very familiar with technical terms, so please explain to me exactly what I have to do. I hope someone can help me.

Here is the OTL system scan:

OTL Logfile:
Code:
OTL Extras logfile created on: 27.02.2011 15:43:36 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\Benutzer\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 47,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 89,95 Gb Free Space | 61,41% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 151,47 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive E: | 40,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1397,26 Gb Total Space | 1173,63 Gb Free Space | 84,00% Space Free | Partition Type: NTFS

Computer Name: BENUTZER-PC | User Name: Benutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\System32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications
List ==========
User{B037EF6A-A8D8-46BC-8564-35CEB65A8D70}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | "UDP Query User{CE452605-34F4-452E-BA07-78C29A2F792C}D:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\counter-strike source\hl2.exe | "UDP Query User{D38251C2-FCD2-4004-A372-EDD57FFC49DF}F:\programme\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=f:\programme\counter-strike source\hl2.exe | "UDP Query User{D3F86285-E186-4C12-8496-F3A8140891ED}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe | "UDP Query User{E0349AEB-F144-4B08-88A3-7775E920A351}D:\teeworlds\teeworlds_srv_race.exe" = protocol=17 | dir=in | app=d:\teeworlds\teeworlds_srv_race.exe | "UDP Query User{E380FA19-B8B3-42E2-B087-45565B860038}H:\niklas\downloadspiele für pc\wow-dede-installer-downloader.exe" = protocol=17 | dir=in | app=h:\niklas\downloadspiele für pc\wow-dede-installer-downloader.exe | "UDP Query User{EAF7A102-F16E-4E34-A2E6-B5E4B50237F7}D:\teeworlds\teeworlds_srv_instagib.exe" = protocol=17 | dir=in | app=d:\teeworlds\teeworlds_srv_instagib.exe | "UDP Query User{ECBDD837-A6AA-4174-B287-9BF47282A74D}F:\programme\teeworlds\teeworlds_srv.exe" = protocol=17 | dir=in | app=f:\programme\teeworlds\teeworlds_srv.exe | "UDP Query User{EEF735D6-C95C-48B9-8D41-228FDF20D227}C:\users\benutzer\desktop\neuer ordner\teeworlds\teeworlds_srv_instagib.exe" = protocol=17 | dir=in | app=c:\users\benutzer\desktop\neuer ordner\teeworlds\teeworlds_srv_instagib.exe | "UDP Query User{F1A7EE6E-77EB-45BB-A1A9-EEE74BEF77E4}C:\users\benutzer\desktop\neuer ordner\tee-strike-0.1.0-win32\tee-strike_srv.exe" = protocol=17 | dir=in | app=c:\users\benutzer\desktop\neuer ordner\tee-strike-0.1.0-win32\tee-strike_srv.exe | "UDP Query User{F1E90FDB-714D-4CF7-8CD6-8872BA3E6860}D:\teeworlds\teeworlds_srv_race.exe" = protocol=17 | dir=in 
| app=d:\teeworlds\teeworlds_srv_race.exe | "UDP Query User{FF2AC194-F017-477A-8EFB-6C76838A9787}D:\teeworlds\train1.1_srv.exe" = protocol=17 | dir=in | app=d:\teeworlds\train1.1_srv.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{5BFB956C-3AB9-492A-9E91-5D8C87DCC599}" = Paint.NET v3.5.1 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam 
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0 "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.5 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{5A7D2B13-9522-48A9-A06F-A9C4AA33D8AD}" = SPYWAREfighter "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73C0DA51-DB32-4F66-970B-7298F3CAF37F}" = Nokia Software Updater "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11 "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F7C09A4-EBAE-11D3-A9AF-005004D2ECE4}" = Attune 2.3.2 "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{DA18FD01-4830-45D6-8408-8F20A9D89D95}" = PC Connectivity Solution "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft 
Choice Guard "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ask Toolbar_is1" = Ask Toolbar "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira AntiVir Premium "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "Babylon" = Babylon "BabylonToolbar" = Babylon toolbar "BejE9zsrv_is1" = All In One "Blue Byte Game Channel" = Blue Byte Game Channel "conduitEngine" = Conduit Engine "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DoremiSoft AVI to MP4 Converter" = DoremiSoft AVI to MP4 Converter 1.0 "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "Finale NotePad 2004" = Finale NotePad 2004 "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition "FontCreator6_is1" = High-Logic FontCreator 6.1 "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1 "Free YouTube Download_is1" = Free YouTube Download version 2.10.30 "Free_Lunch_Design Toolbar" = Free_Lunch_Design Toolbar "ICQToolbar" = ICQ Toolbar "Inkscape" = Inkscape 0.47 "Just Cause 2_is1" = Just Cause 2 "LastFM_is1" = Last.fm 1.5.4.27091 "MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.1.1.29 (D) "MAGIX Music Cleaning Lab 2007 deluxe D" = MAGIX Music Cleaning Lab 2007 deluxe 8.0.1.0 (D) "MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.1.1.29 (D) "MAGIX Speed burnR UK" = MAGIX Speed burnR "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Manhunt 2" = Manhunt 2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Notepad++" = Notepad++ "ProtectDisc Driver 10" = ProtectDisc Helper Driver 10 "PunkBusterSvc" = PunkBuster Services "S4Uninst" = Die Siedler IV "softonic-de3 Toolbar" = softonic-de3 Toolbar "SPYWAREfighter" = SPYWAREfighter "ST6UNST #1" = BEWERBUNGS-MASTER "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "TheLastRipper" = TheLastRipper 1.4 
"Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 0.9.8a "WinGimp-2.0_is1" = GIMP 2.6.8 "WinGTK-2_is1" = GTK+ 2.4.3 runtime environment "WinRAR archiver" = WinRAR "www.Freeware-download.com Toolbar" = www.Freeware-download.com Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CreepSmash.com" = CreepSmash.com ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27.02.2011 08:54:42 | Computer Name = Benutzer-PC | Source = Application Hang | ID = 1002 Description = Programm avwebloader.exe, Version 1.1.8.3 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 9b4 Anfangszeit: 01cbd6759619eb64 Zeitpunkt der Beendigung: 17 Error - 27.02.2011 08:59:19 | Computer Name = Benutzer-PC | Source = Application Hang | ID = 1002 Description = Programm Load.exe, Version 3.3.6.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: fec Anfangszeit: 01cbd67d933c0631 Zeitpunkt der Beendigung: 11 Error - 27.02.2011 09:49:03 | Computer Name = Benutzer-PC | Source = Application Hang | ID = 1002 Description = Programm Skype.exe, Version 5.0.0.156 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. 
Prozess-ID: 1390 Anfangszeit: 01cbd6845de43132 Zeitpunkt der Beendigung: 63 Error - 27.02.2011 10:19:08 | Computer Name = Benutzer-PC | Source = Application Hang | ID = 1002 Description = Programm avcenter.exe, Version 9.0.0.20 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 488 Anfangszeit: 01cbd689077f840e Zeitpunkt der Beendigung: 11 Error - 27.02.2011 10:25:02 | Computer Name = Benutzer-PC | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Benutzer\Downloads\SoftonicDownloader_fuer_a-squared.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest. 

Error - 27.02.2011 10:30:29 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27.02.2011 10:30:29 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27.02.2011 10:34:39 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27.02.2011 10:34:41 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 27.02.2011 10:35:03 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ System Events ]
Error - 27.02.2011 10:28:54 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 27.02.2011 10:29:39 | Computer Name = Benutzer-PC | Source = HTTP | ID = 15016
Description =

Error - 27.02.2011 10:31:10 | Computer Name = Benutzer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 27.02.2011 10:31:10 | Computer Name = Benutzer-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 27.02.2011 10:32:59 | Computer Name = Benutzer-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 27.02.2011 10:33:22 | Computer Name = Benutzer-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 27.02.2011 um 15:32:11 unerwartet heruntergefahren.

Error - 27.02.2011 10:33:25 | Computer Name = Benutzer-PC | Source = HTTP | ID = 15016
Description =

Error - 27.02.2011 10:34:55 | Computer Name = Benutzer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 27.02.2011 10:34:55 | Computer Name = Benutzer-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 27.02.2011 10:36:00 | Computer Name = Benutzer-PC | Source = DCOM | ID = 10010
Description =

< End of report >

OTL Logfile:
OTL logfile created on: 27.02.2011 15:43:36 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = C:\Users\Benutzer\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 47,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 89,95 Gb Free Space | 61,41% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 151,47 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive E: | 40,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1397,26 Gb Total Space | 1173,63 Gb Free Space | 84,00% Space Free | Partition Type: NTFS

Computer Name: BENUTZER-PC | User Name: Benutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Babylon\Babylon-Pro\TC\BabylonTC.exe (Ginger Software)
PRC - C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
PRC - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
PRC - C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter)
PRC - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe (Preventon Technologies Limited)
PRC - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe (Preventon Technologies Limited)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - c:\Windows\SysWOW64\meofvttnlvr.exe (Helper)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - c:\Program Files (x86)\Uevljjdblztlvmca\meofvttnlv.exe (Limited)

========== Modules (SafeList) ==========

MOD - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Suite Service) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
SRV - (AV Engine Scanning Service) -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe ()
SRV - (AV Watch Service) -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (tuajxvjaxcahyu) -- c:\Windows\SysWOW64\meofvttnlvr.exe (Helper)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (UPnPService) -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (AVFSFilter) -- C:\Windows\SysNative\DRIVERS\avfsfilter.sys ()
DRV:64bit: - (acedrv10) -- C:\Windows\SysNative\drivers\acedrv10.sys ()
DRV:64bit: - (acehlp10) -- C:\Windows\SysNative\drivers\acehlp10.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (LVUVC64) Logitech Webcam 500(UVC) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys ()
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys ()
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\tbwww..dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=16508
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\tbwww..dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=16508"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-sunm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-sunm"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/home?AF=16508"
FF - prefs.js..extensions.enabledItems: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {d95e614b-c28e-43af-a326-ca590e18abd6}:1.5
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: gb@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.2.0
FF - prefs.js..extensions.enabledItems: {26647ca4-a2a7-4eac-8a72-761aa9141de7}:3.2.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: adapter@babylontc.com:1.0.0.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.17 17:27:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.17 17:27:10 | 000,000,000 | ---D | M]

[2010.03.14 11:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Extensions
[2009.05.14 18:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\extensions
[2009.05.14 18:04:03 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011.02.27 10:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions
[2010.05.26 17:23:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.22 15:52:27 | 000,000,000 | ---D | M] (www.Freeware-download.com Community Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7}
[2010.11.25 19:11:19 | 000,000,000 | ---D | M] (Free Lunch Design Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}
[2010.11.25 19:11:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.01.24 21:18:16 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.25 21:46:21 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.11.25 19:11:20 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.05.24 15:36:55 | 000,000,000 | ---D | M] (APNG Edit) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{d95e614b-c28e-43af-a326-ca590e18abd6}
[2010.06.10 18:47:30 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.09.25 15:40:25 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\battlefieldheroespatcher@ea.com
[2011.01.22 15:52:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\engine@conduit.com
[2011.02.26 16:39:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\ffxtlbr@babylon.com
[2010.09.30 15:54:47 | 000,000,000 | ---D | M] (GameBox) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Firefox\Profiles\h45jdrwj.default\extensions\gb@toolbar
[2010.10.24 21:56:34 | 000,000,953 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\h45jdrwj.default\searchplugins\conduit.xml
[2010.09.30 15:55:05 | 000,001,571 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\h45jdrwj.default\searchplugins\web-search.xml
[2011.02.26 16:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.20 16:12:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.18 19:16:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.26 16:40:18 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.17 13:52:01 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.02.26 16:39:23 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
[2010.09.17 13:52:01 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.17 13:52:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.17 13:52:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.17 13:52:01 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - File not found
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (www.Freeware-download.com Toolbar) - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - C:\Program Files (x86)\www.Freeware-download.com\tbwww..dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll () O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll () O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.dll () O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [AttuneClientEngine] C:\Program Files (x86)\Aveo\Attune\bin\attune_ce.exe (Aveo Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.) O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (Babylon Ltd.) 
O4 - HKLM..\Run: [BrMfcWnd] File not found O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EA Core] File not found O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.) O4 - HKCU..\Run: [msnmsgr] File not found O4 - HKCU..\Run: [Steam] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O8:64bit: - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O8 - Extra context menu item: Free YouTube Download - C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) 
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.schueler.cc/uploader/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 
1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. 
File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.10.06 13:52:34 | 000,000,043 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{16892e29-40a6-11de-a52c-001966b1e7f7}\Shell\1\Command - "" = .\RECYCLER\Lcass.exe O33 - MountPoints2\{16892e29-40a6-11de-a52c-001966b1e7f7}\Shell\2\Command - "" = .\RECYCLER\Lcass.exe O33 - MountPoints2\{16892e29-40a6-11de-a52c-001966b1e7f7}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\RECYCLER\Lcass.exe O33 - MountPoints2\{238ee943-2d99-11df-b617-001966b1e7f7}\Shell\Autoplay\command - "" = G:\usb_auto.exe O33 - MountPoints2\{238ee943-2d99-11df-b617-001966b1e7f7}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\usb_auto.exe O33 - MountPoints2\{238ee943-2d99-11df-b617-001966b1e7f7}\Shell\explore\Command - "" = G:\usb_auto.exe O33 - MountPoints2\{238ee943-2d99-11df-b617-001966b1e7f7}\Shell\Open\Command - "" = G:\usb_auto.exe O33 - MountPoints2\{57e1b559-d922-11de-b253-001966b1e7f7}\Shell - "" = AutoRun O33 - MountPoints2\{57e1b559-d922-11de-b253-001966b1e7f7}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{5d427165-0d44-11e0-893c-001966b1e7f7}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{5f7f6a6d-4dc1-11de-9de2-001966b1e7f7}\Shell\1\Command - "" = .\RECYCLER\Lcass.exe O33 - MountPoints2\{5f7f6a6d-4dc1-11de-9de2-001966b1e7f7}\Shell\2\Command - "" = .\RECYCLER\Lcass.exe O33 - 
MountPoints2\{5f7f6a6d-4dc1-11de-9de2-001966b1e7f7}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\RECYCLER\Lcass.exe O33 - MountPoints2\{75382a7a-0796-11e0-850c-001966b1e7f7}\Shell\1\Command - "" = .\RECYCLER\Lcass.exe O33 - MountPoints2\{75382a7a-0796-11e0-850c-001966b1e7f7}\Shell\2\Command - "" = .\RECYCLER\Lcass.exe O33 - MountPoints2\{75382a7a-0796-11e0-850c-001966b1e7f7}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\RECYCLER\Lcass.exe O33 - MountPoints2\{f1be567a-3eca-11de-b89c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f1be567a-3eca-11de-b89c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Start.exe -- [2009.10.07 16:59:08 | 004,061,014 | R--- | M] (MatchWare A/S) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.27 15:20:16 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe [2011.02.27 14:19:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes [2011.02.27 14:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.27 14:17:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.02.27 14:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.02.27 14:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.02.27 13:55:39 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\MFTools [2011.02.27 10:26:57 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.02.27 10:26:36 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\SysWow64\drivers\ssmdrv.sys [2011.02.27 10:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.02.27 10:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.02.26 16:40:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Babylon [2011.02.26 16:40:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon [2011.02.26 16:40:11 | 000,000,000 | ---D | C] -- C:\Programme\Babylon [2011.02.26 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\a-squared Free [2011.02.26 16:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar [2011.02.26 16:39:20 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Babylon [2011.02.26 16:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2011.02.26 16:33:50 | 067,563,112 | ---- | C] (Emsi Software GmbH ) -- C:\Users\Benutzer\Desktop\a2FreeSetup22.exe [2011.02.25 20:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\clp [2011.02.25 20:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters [2011.02.25 20:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters [2011.02.25 20:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite [2011.02.25 20:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Common Toolkit Suite [2011.02.25 20:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters [2011.02.25 20:12:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D81057B4-29EC-41EB-A123-4E4E49873404} [2011.02.25 20:05:06 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Fighters [2011.02.25 20:03:02 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\PackageAware [2011.02.24 10:26:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell [2011.02.24 10:26:42 | 
000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell [2011.02.24 10:24:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll [2011.02.24 10:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll [2011.02.24 10:24:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll [2011.02.24 10:24:07 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll [2011.02.24 10:23:58 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll [2011.02.24 10:23:58 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe [2011.02.24 10:23:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll [2011.02.24 10:23:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll [2011.02.24 10:23:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe [2011.02.24 10:23:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe [2011.02.24 10:23:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe [2011.02.24 10:23:49 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll [2011.02.24 10:23:48 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll [2011.02.24 10:23:48 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe [2011.02.24 10:23:48 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll [2011.02.24 10:23:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll [2011.02.10 20:47:21 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.02.10 20:47:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll 
[2011.02.10 20:47:06 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011.02.10 20:47:03 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011.02.10 20:47:02 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.02.10 20:47:02 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.02.10 20:47:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.02.10 20:47:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.02.10 20:47:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011.02.10 20:47:02 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll [2011.02.04 23:13:56 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\.minecraft [2011.02.04 17:07:29 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\Square Enix [2011.02.01 19:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX - Eidos Interactive [2011.02.01 17:06:01 | 000,000,000 | R--D | C] -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.01.31 16:25:53 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) 
-- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.01.31 16:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.27 15:36:33 | 000,000,444 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7E0D54C3-7787-4E8C-9A44-382EEE25EE3A}.job [2011.02.27 15:33:29 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.27 15:33:29 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.27 15:33:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.27 15:33:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2011.02.27 15:20:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe [2011.02.27 14:17:24 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.27 11:33:30 | 000,004,289 | ---- | M] () -- C:\Users\Benutzer\.recently-used.xbel [2011.02.27 10:41:06 | 000,074,880 | ---- | M] () -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.02.27 10:26:57 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.02.26 16:40:18 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\Babylon.lnk [2011.02.26 16:38:24 | 067,563,112 | ---- | M] (Emsi Software GmbH ) -- C:\Users\Benutzer\Desktop\a2FreeSetup22.exe [2011.02.25 23:38:08 | 000,181,248 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.25 20:22:25 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk [2011.02.24 10:18:31 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD7030.DAT [2011.02.15 22:51:09 | 000,002,440 | ---- | M] () -- C:\Users\Benutzer\Desktop\OpenDocument Text (neu).odt [2011.02.15 00:26:39 | 001,445,310 
| ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.02.15 00:26:39 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.02.15 00:26:39 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.02.15 00:26:39 | 000,126,248 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.02.15 00:26:39 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.02.12 13:23:01 | 003,093,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.01.31 16:25:53 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.01.31 16:23:42 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.01.31 16:23:34 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2011.01.31 16:23:34 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.01.29 20:25:44 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.27 14:17:24 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.27 14:14:37 | 000,024,152 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys [2011.02.27 11:33:30 | 000,004,289 | ---- | C] () -- C:\Users\Benutzer\.recently-used.xbel [2011.02.27 10:26:57 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.02.27 10:26:37 | 000,074,880 | ---- | C] () -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.02.26 16:39:21 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\Babylon.lnk [2011.02.25 20:22:25 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk [2011.02.24 10:24:24 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\winrsmgr.dll [2011.02.24 10:24:21 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\wsmplpxy.dll [2011.02.24 10:24:21 | 000,013,312 | ---- | C] () -- 
C:\Windows\SysNative\winrssrv.dll [2011.02.24 10:24:07 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\pwrshplugin.dll [2011.02.24 10:24:05 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\winrs.exe [2011.02.24 10:24:05 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\winrshost.exe [2011.02.24 10:24:05 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\wsmprovhost.exe [2011.02.24 10:23:58 | 000,232,960 | ---- | C] () -- C:\Windows\SysNative\wecsvc.dll [2011.02.24 10:23:58 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wevtfwd.dll [2011.02.24 10:23:58 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wecutil.exe [2011.02.24 10:23:58 | 000,084,992 | ---- | C] () -- C:\Windows\SysNative\wecapi.dll [2011.02.24 10:23:58 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\WsmRes.dll [2011.02.24 10:23:52 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2011.02.24 10:23:52 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2011.02.24 10:23:52 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2011.02.24 10:23:52 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2011.02.24 10:23:52 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2011.02.24 10:23:52 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2011.02.24 10:23:49 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\WsmAuto.dll [2011.02.24 10:23:48 | 002,050,048 | ---- | C] () -- C:\Windows\SysNative\WsmSvc.dll [2011.02.24 10:23:48 | 000,370,688 | ---- | C] () -- C:\Windows\SysNative\winrscmd.dll [2011.02.24 10:23:48 | 000,352,768 | ---- | C] () -- C:\Windows\SysNative\WSManMigrationPlugin.dll [2011.02.24 10:23:48 | 000,348,672 | ---- | C] () -- C:\Windows\SysNative\WSManHTTPConfig.exe [2011.02.24 10:23:48 | 000,310,272 | ---- | C] () -- C:\Windows\SysNative\WsmWmiPl.dll [2011.02.15 22:51:09 | 000,002,440 | ---- | C] () -- C:\Users\Benutzer\Desktop\OpenDocument Text (neu).odt [2011.02.11 
14:39:19 | 000,301,568 | ---- | C] () -- C:\Windows\SysNative\shsvcs.dll [2011.02.10 20:47:25 | 002,755,584 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2011.02.10 20:47:21 | 000,367,104 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2011.02.10 20:47:21 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2011.02.10 20:47:15 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll [2011.02.10 20:47:14 | 000,454,144 | ---- | C] () -- C:\Windows\SysNative\shlwapi.dll [2011.02.10 20:47:09 | 005,696,512 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2011.02.10 20:47:04 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2011.02.10 20:47:04 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2011.02.10 20:47:03 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2011.02.10 20:47:03 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2011.02.10 20:47:03 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2011.02.10 20:47:03 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2011.02.10 20:47:03 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec [2011.02.10 20:47:03 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll [2011.02.10 20:47:03 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2011.02.10 20:47:02 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2011.02.10 20:47:02 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2011.02.10 20:47:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2011.02.10 20:47:02 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll [2011.02.10 20:47:02 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2011.02.10 20:47:01 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2011.02.10 20:47:01 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll [2011.02.10 20:46:55 | 004,692,368 | 
---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2011.02.10 20:46:54 | 001,560,960 | ---- | C] () -- C:\Windows\SysNative\ntdll.dll [2011.01.31 16:23:34 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.11.28 12:38:47 | 000,000,040 | ---- | C] () -- C:\Windows\RSoftInfo.dat [2010.11.15 18:01:59 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.10.05 09:22:26 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2010.09.25 16:32:09 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.25 16:32:07 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe [2010.09.25 16:32:07 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.22 21:22:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.08.10 18:51:11 | 000,000,016 | -H-- | C] () -- C:\Users\Benutzer\AppData\Local\mxfilerelatedcache.mxc2 [2010.08.10 18:51:10 | 000,000,016 | -H-- | C] () -- C:\Users\Benutzer\AppData\Roaming\mxfilerelatedcache.mxc2 [2010.08.08 10:15:50 | 000,000,000 | ---- | C] () -- C:\Windows\CleaningLab.INI [2010.08.08 10:12:16 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll [2010.08.07 12:47:34 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2010.07.28 22:13:08 | 000,002,114 | ---- | C] () -- C:\Windows\tabled32.ini [2010.05.25 14:14:00 | 000,000,028 | ---- | C] () -- C:\Windows\mscpt.dat [2010.05.20 13:16:07 | 000,000,089 | ---- | C] () -- C:\Windows\ULead32.ini [2010.04.23 19:03:21 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe [2010.04.23 19:03:21 | 000,240,128 | ---- | C] () -- C:\Windows\SysWow64\x.264.exe [2010.04.23 19:03:21 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe [2010.04.23 19:03:21 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe [2010.04.23 19:03:21 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.03.11 
15:28:04 | 000,009,857 | ---- | C] () -- C:\Windows\SysWow64\mswunzore.dll [2009.12.30 19:21:30 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009.12.30 19:21:30 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7030.DAT [2009.12.30 19:17:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2009.12.30 19:16:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2009.11.06 16:26:28 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2009.11.03 19:21:11 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini [2009.10.06 15:36:22 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2009.10.06 15:36:22 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2009.07.11 02:23:46 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\msnuncer-.dll [2009.06.07 12:47:24 | 000,000,472 | ---- | C] () -- C:\Windows\eReg.dat [2009.05.25 18:18:42 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2009.05.21 18:15:11 | 000,181,248 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.05.14 16:51:21 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\msnuczord.dll [2009.05.12 09:12:49 | 000,005,131 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.05.12 09:07:40 | 000,000,732 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\d3d9caps64.dat [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 
09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007.01.26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll [2007.01.26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll [2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.10.11 04:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== LOP Check ========== [2011.02.04 23:13:56 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\.minecraft [2011.02.26 19:46:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Babylon [2009.11.24 18:56:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DAEMON Tools Lite [2011.01.25 21:46:21 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers [2011.02.25 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Fighters [2011.01.02 15:35:04 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FontCreator [2011.01.22 23:44:47 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\GetRightToGo 
[2010.02.10 12:34:10 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\GHISLER [2010.08.13 16:32:31 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0 [2010.10.08 17:44:52 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Guitar Pro 6 [2011.02.27 12:29:58 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ICQ [2009.06.12 14:24:44 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Inkscape [2009.12.26 21:51:57 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Leadertech [2010.08.07 12:48:17 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\MAGIX [2010.05.27 19:47:56 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Notepad++ [2009.05.13 11:54:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\OpenOffice.org [2009.05.12 09:53:24 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PersBackup [2009.11.01 12:37:01 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SmartDraw [2010.04.16 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TeamViewer [2010.04.12 19:01:38 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Teeworlds [2010.03.18 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TheLastRipper [2010.03.02 19:36:40 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Thinstall [2010.08.23 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TS3Client [2009.12.22 14:52:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software [2010.09.07 16:48:39 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ubisoft [2009.12.03 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\uTorrent [2011.01.03 19:30:50 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\VBA-M [2010.11.28 12:47:41 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Warsow 0.5 [2011.02.27 15:28:10 | 
000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.02.27 15:51:04 | 000,000,444 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7E0D54C3-7787-4E8C-9A44-382EEE25EE3A}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:8927A071 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >
Regards, Hym
Last edited by Hym (27.02.2011 at 16:10) |
27.02.2011, 16:11 | #2 |
/// Malware-holic | Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll hi there,
what about otl.txt? |
27.02.2011, 16:19 | #3 |
| Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll I have edited the post again.
The second quote should contain the contents of the otl.txt file. |
27.02.2011, 16:25 | #4 |
/// Malware-holic | Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll post all Malwarebytes logs. they can be found in Malwarebytes, under Logs
-Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
27.02.2011, 16:30 | #5 |
| Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll do you mean this? |
27.02.2011, 16:33 | #6 |
/// Malware-holic | Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll what do I mean? I want the Malwarebytes logs, or rather their contents as text. |
27.02.2011, 16:57 | #7 |
| Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll As soon as I double-click this log file under Logs in Malwarebytes, it opens like this, and unfortunately I can't copy the text there: But the content in my last post matches the Malwarebytes log file that is shown when it is opened. I just can't give you the information as text, only as an image, for the reason mentioned above. Maybe I'm just too stupid. |
27.02.2011, 17:04 | #8 |
/// Malware-holic | Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll open Malwarebytes, go to Logs, then select the first one and click Open. right-click in the editor that now opens, select all, then copy, then click Reply here, right-click, paste, |
27.02.2011, 17:11 | #9 |
| Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll I already went to Logs and double-clicked the first one. But as I said, it is not the editor that opens but this Open Office text import (see the image in the previous post), and there is no copy function there. |
27.02.2011, 18:11 | #10 |
/// Malware-holic | Trojan: TR/SPY.KeyLogger.ilw in C:\Windows\SysWOW64\msnuncer-.dll please create and post a ComboFix log. A guide and tutorial on using ComboFix |