|
Pests of all kinds and how to fight them: virus site? google search turns into an advertising paradise... Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
30.04.2011, 11:21 | #16 |
| Unfortunately the edit came too late ^^ The problem was that I had simply forgotten to show the one log from Super. That's why I only have the one log from Eset Online-> Code:
|
02.05.2011, 07:44 | #17 |
/// Helper team |
1. Run another scan with OTL:
2. What about CCleaner now? Does it work or not?
__________________ |
05.05.2011, 21:59 | #18 |
| One piece of good news and one of bad... first the logs and the good news, i.e. my CCleaner solution
1. OTL Scan Code:
ATTFilter OTL logfile created on: 05.05.2011 22:39:50 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\FIETE\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 82,63 Gb Free Space | 35,48% Space Free | Partition Type: NTFS Drive D: | 232,49 Gb Total Space | 171,30 Gb Free Space | 73,68% Space Free | Partition Type: NTFS Computer Name: FIETE-TOSH | User Name: FIETE | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\FIETE\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) 
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION) PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) ========== Modules (SafeList) ========== MOD - C:\Users\FIETE\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation) SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) 
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) SRV - (ConfigFree Gadget Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (acedrv10) -- C:\Windows\SysNative\drivers\acedrv10.sys (Protect Software GmbH) DRV:64bit: - (acehlp10) -- C:\Windows\SysNative\drivers\acehlp10.sys (Protect Software GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (MYFAULT) -- C:\Windows\SysNative\drivers\myfault.sys (Sysinternals) DRV:64bit: - (fssfltr) -- 
C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (NCHVSC64) SoundTap Recorder (64 Bit) -- C:\Windows\SysNative\drivers\nchvsc64.sys (NCH Swift Sound) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (RTL2832UUSB) -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.) DRV:64bit: - (RTL2832UBDA) -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc) DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.) DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (IntcHdmiAddService) Intel(R) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) 
DRV:64bit: - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\Windows\SysNative\drivers\sfdrv01a.sys (Protection Technology (StarForce)) DRV:64bit: - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\SysNative\drivers\sfdrv01.sys (Protection Technology (StarForce)) DRV:64bit: - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfvfs02.sys (Protection Technology (StarForce)) DRV:64bit: - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfsync02.sys (Protection Technology) DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys (Protection Technology (StarForce)) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F 9A 26 0D DC 4A CB 01 [binary data] IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "foxsearch" FF - prefs.js..browser.search.order.2: "foxsearch" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323 FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - 
prefs.js..network.proxy.backup.ftp: "192.168.137.1" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.gopher: "192.168.137.1" FF - prefs.js..network.proxy.backup.gopher_port: 0 FF - prefs.js..network.proxy.backup.socks: "192.168.137.1" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "192.168.137.1" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "192.168.137.1" FF - prefs.js..network.proxy.gopher: "192.168.137.1" FF - prefs.js..network.proxy.http: "192.168.137.1" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "192.168.137.1" FF - prefs.js..network.proxy.ssl: "192.168.137.1" FF - prefs.js..network.proxy.type: 1 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "foxsearch" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "foxsearch" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.order.1: "foxsearch" FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011.02.27 21:36:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.04.18 22:04:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.04 16:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 
3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.04 16:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.04 16:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.04 16:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.04 16:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.04 16:28:03 | 000,000,000 | ---D | M] [2009.12.30 12:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FIETE\AppData\Roaming\mozilla\Extensions [2011.05.05 22:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions [2011.03.03 18:02:47 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2011.03.11 18:26:41 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.04.16 22:48:02 | 000,000,000 | ---D | M] (WOT) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.04.01 22:34:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.04.07 22:03:03 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} 
[2010.11.17 17:51:03 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2011.01.27 11:36:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.02.22 21:02:35 | 000,000,000 | ---D | M] (Fasterfox (EladKarako Mod)) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\{eeeeeeee-aaaa-0000-aaaa-000000000000} [2011.05.05 22:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FIETE\AppData\Roaming\mozilla\Firefox\Profiles\lqm8lza1.default\extensions\staged-xpis [2011.01.29 17:57:57 | 000,001,141 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\conduit.xml [2011.03.11 19:22:21 | 000,000,828 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\icqplugin-1.xml [2011.03.11 19:22:21 | 000,000,602 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\icqplugin-2.xml [2011.03.11 19:22:21 | 000,000,828 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\icqplugin-3.xml [2011.03.11 19:22:21 | 000,000,901 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\icqplugin.xml [2011.02.28 18:53:18 | 000,003,915 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\sweetim.xml [2011.05.05 22:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.01.03 16:55:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.05.31 18:17:21 | 000,000,000 | ---D | M] 
(Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.23 14:34:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 18:08:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.24 00:17:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.03.07 17:24:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.27 21:36:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll [2011.03.04 08:05:59 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.04 08:05:59 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2011.01.29 17:57:57 | 000,001,605 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml [2010.08.07 16:00:04 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\foxsearch.src [2011.03.04 08:05:59 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.04 08:05:59 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.04 08:05:59 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.20 03:29:24 | 
000,001,025 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 71i.de O1 - Hosts: 127.0.0.1 adicqserver.71i.de O1 - Hosts: 127.0.0.1 adserver.71i.de O1 - Hosts: 127.0.0.1 im.adtech.de O1 - Hosts: 127.0.0.1 adserver.adtech.de O1 - Hosts: 127.0.0.1 adtech.de O1 - Hosts: 127.0.0.1 atwola.com O1 - Hosts: 127.0.0.1 ar.atwola.com O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll () O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found. O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - Reg Error: Key error. File not found O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Users\FIETE\AppData\Roaming\UUSoQLdiE9hE.exe) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26ffb629-2014-11e0-94c3-002622f1344e}\Shell - "" = AutoRun
O33 - MountPoints2\{26ffb629-2014-11e0-94c3-002622f1344e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{33a6d159-b4f2-11df-a4cf-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{33a6d159-b4f2-11df-a4cf-001bdc002e32}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{a68a4bcf-d96f-11de-ac4f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a68a4bcf-d96f-11de-ac4f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{fdaea6c6-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6c6-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fdaea6d7-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6d7-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fdaea6f9-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6f9-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\CDStart.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.05.05 14:34:29 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{D075C440-3D3A-4CF2-A37C-0573664CAA43}
[2011.04.29 22:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.6.1
[2011.04.28 18:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.04.28 18:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.04.28 02:43:54 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{2A23AD42-D4FE-49F6-BD1E-976F7F6DE765}
[2011.04.28 01:12:56 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.28 01:12:56 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.28 01:12:55 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.28 01:12:55 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.28 01:12:42 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.28 01:12:42 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.28 01:12:42 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.28 01:12:42 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.28 01:12:42 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.28 01:12:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.28 01:12:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.28 01:12:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.28 01:12:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.26 01:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.04.26 01:48:53 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Roaming\SUPERAntiSpyware.com
[2011.04.26 01:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.04.26 01:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.04.26 01:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011.04.26 01:48:47 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.04.25 23:31:19 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{D8811B7C-7D6D-4E45-B37C-5F111CD9C4AF}
[2011.04.23 00:23:41 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{FF516F23-8135-43EE-9738-9E60E2DF4BE3}
[2011.04.22 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.04.22 23:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.04.22 23:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlMK
[2011.04.22 15:04:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\FIETE\Desktop\OTL.exe
[2011.04.20 23:19:35 | 000,000,000 | ---D | C] -- C:\Users\FIETE\Desktop\Kram
[2011.04.20 03:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.04.20 03:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.04.19 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\Threat Expert
[2011.04.18 22:04:25 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011.04.18 22:04:24 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011.04.18 22:04:24 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011.04.18 21:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011.04.18 21:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011.04.18 01:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.17 13:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2011.04.16 21:34:09 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{CEBA4F82-10C3-4A4C-9C54-628B040B8928}
[2011.04.16 15:58:00 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\TechSmith
[2011.04.16 15:57:19 | 000,000,000 | ---D | C] -- C:\Users\FIETE\Documents\Camtasia Studio
[2011.04.16 15:56:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2011.04.16 15:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011.04.16 15:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2011.04.16 15:56:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2011.04.16 15:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2011.04.15 18:17:26 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{E8859431-9F1C-487C-9EEE-C18973BD4D5A}
[2011.04.15 16:57:22 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2
[2011.04.15 16:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Half-Life 2
[2011.04.15 15:52:50 | 000,000,000 | ---D | C] -- C:\Half-Life 2
[2011.04.14 22:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gmod9
[2011.04.14 18:24:40 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.14 18:24:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.14 18:24:35 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.14 18:24:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.14 18:24:34 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.14 18:24:29 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.14 18:24:29 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.14 18:24:28 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.14 18:24:28 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.14 18:24:25 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.14 18:24:25 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.14 18:24:25 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.14 18:24:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.14 18:24:13 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.14 18:24:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.14 18:24:12 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.14 18:24:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.14 18:24:12 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.14 18:24:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.14 18:24:12 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.14 18:24:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.14 18:24:11 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.14 18:24:11 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.14 18:24:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.14 18:24:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.14 18:24:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.14 18:24:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.14 18:23:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.14 18:23:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.14 18:23:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.14 18:23:12 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.14 18:23:12 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.14 18:23:11 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.14 18:23:11 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.14 18:23:11 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.14 18:23:11 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.14 18:23:11 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.14 18:23:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.12 18:57:18 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Roaming\ProtectDisc
[2011.04.12 18:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2011.04.12 18:53:10 | 000,277,904 | ---- | C] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv10.sys
[2011.04.12 18:53:10 | 000,228,000 | ---- | C] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acehlp10.sys
[2011.04.12 18:52:29 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buchner
[2011.04.12 18:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buchner
[2011.04.12 18:46:48 | 000,000,000 | RH-D | C] -- C:\Users\FIETE\AppData\Roaming\SecuROM
[2011.04.12 18:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6
[2011.04.12 18:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase6
[2011.04.12 18:46:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\phase-6
[2011.04.12 18:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\auxilium Demoversion
[2011.04.12 18:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\auxilium 3.1 light
[2011.04.12 18:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\auxilium 3.1 light
[2011.04.09 19:06:54 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{1D736F05-F961-47B9-9F78-EED358AF101B}
[2011.04.09 01:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.08 14:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperTux
[2011.04.08 14:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuperTux
[2011.04.07 20:50:54 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{CBB90EA1-2675-4680-8661-A824F28A9D01}
[2011.04.07 19:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\x60xg1XV8
[2011.04.07 19:39:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLatin 1.3.2c
[2011.04.07 19:39:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickLatin
[2011.04.07 19:39:30 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2011.04.07 19:39:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\FIETE\*.tmp files -> C:\Users\FIETE\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.05 22:36:22 | 000,006,664 | ---- | M] () -- C:\Users\Public\Documents\cc_20110505_223619.reg
[2011.05.05 22:35:58 | 000,056,712 | ---- | M] () -- C:\Users\Public\Documents\cc_20110505_223554.reg
[2011.05.05 22:35:32 | 000,586,244 | ---- | M] () -- C:\Users\Public\Documents\cc_20110505_223457.reg
[2011.05.05 22:14:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.05 22:10:05 | 000,537,121 | ---- | M] () -- C:\Users\FIETE\Desktop\T-Shirt-Launcher.pdf
[2011.05.05 22:05:44 | 000,030,208 | ---- | M] () -- C:\Users\FIETE\Desktop\download.php
[2011.05.05 16:13:59 | 005,138,560 | ---- | M] () -- C:\Users\FIETE\Desktop\bengtrock_-_Partytiger.mp3
[2011.05.05 14:40:51 | 000,020,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.05 14:40:51 | 000,020,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.05 14:33:32 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.05 14:33:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.05 14:32:11 | 3092,938,752 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.04 22:28:09 | 000,436,736 | ---- | M] () -- C:\Users\FIETE\Desktop\Spammer.exe
[2011.05.04 19:26:28 | 000,012,447 | ---- | M] () -- C:\Users\FIETE\Desktop\Physikentschuldigung.odt
[2011.05.02 17:44:43 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00000736.LCS
[2011.05.01 04:08:55 | 060,983,802 | ---- | M] () -- C:\Users\FIETE\Desktop\Techno Songs!.rar
[2011.05.01 03:55:25 | 004,343,003 | ---- | M] () -- C:\Users\FIETE\Desktop\Scarf_ - Hithouse 1 (Tune up_ Remix).mp3
[2011.05.01 03:12:02 | 005,672,531 | ---- | M] () -- C:\Users\FIETE\Desktop\Disco Pogo [TechnoBase.FM].mp3
[2011.05.01 03:09:31 | 003,813,865 | ---- | M] () -- C:\Users\FIETE\Desktop\Die Gute-Laune Pizza [Technobase.FM].mp3
[2011.05.01 03:08:16 | 004,318,342 | ---- | M] () -- C:\Users\FIETE\Desktop\Pitbull - I know you want me [Technobase.FM].mp3
[2011.05.01 03:05:49 | 002,866,352 | ---- | M] () -- C:\Users\FIETE\Desktop\Tetris Remix [Technobase.FM].mp3
[2011.05.01 03:05:10 | 002,839,184 | ---- | M] () -- C:\Users\FIETE\Desktop\Italobrothers - Stamp on the ground [Technobase.FM].mp3
[2011.05.01 02:49:07 | 000,027,787 | ---- | M] () -- C:\Users\FIETE\Desktop\iconviewforum.png
[2011.05.01 01:11:00 | 000,001,868 | ---- | M] () -- C:\Users\FIETE\Desktop\ControlMK.lnk
[2011.04.30 21:15:08 | 007,794,091 | ---- | M] () -- C:\Users\FIETE\Desktop\Technobase.FM - Alors on Danse.mp3
[2011.04.30 21:06:57 | 007,470,173 | ---- | M] () -- C:\Users\FIETE\Desktop\...WWW.Technobase.FM...Yolana Be Cool feat David Guetta We N.mp3
[2011.04.30 21:00:31 | 004,252,304 | ---- | M] () -- C:\Users\FIETE\Desktop\Das Lagerfeuerlied [ Technobase.FM ].mp3
[2011.04.30 20:58:33 | 004,862,108 | ---- | M] () -- C:\Users\FIETE\Desktop\Technobase.FM - We No Speak Americano.mp3
[2011.04.30 20:53:30 | 005,841,804 | ---- | M] () -- C:\Users\FIETE\Desktop\_Milk Sugar vs_ Vaya Con Dios 2011 remix( hey Nah Neh Nah)re.mp3
[2011.04.29 13:45:33 | 008,176,661 | ---- | M] () -- C:\Users\FIETE\Desktop\Dirty _ Electro House Mix 2011 SoundKicked.mp3
[2011.04.28 17:02:03 | 001,611,396 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.28 17:02:03 | 000,696,604 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.28 17:02:03 | 000,651,882 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.28 17:02:03 | 000,147,868 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.28 17:02:03 | 000,120,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.22 15:04:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\FIETE\Desktop\OTL.exe
[2011.04.20 03:27:52 | 000,000,237 | ---- | M] () -- C:\Windows\SysNative\ibr.ini
[2011.04.20 03:14:52 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.18 22:46:30 | 000,000,065 | ---- | M] () -- C:\Users\FIETE\Desktop\listen.pls
[2011.04.18 21:49:15 | 001,358,944 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.04.18 01:07:17 | 000,089,088 | ---- | M] () -- C:\Windows\SysNative\mbr.exe
[2011.04.18 00:14:12 | 000,367,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.17 10:18:57 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.16 15:56:54 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.04.12 18:53:10 | 000,277,904 | ---- | M] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv10.sys
[2011.04.12 18:53:10 | 000,228,000 | ---- | M] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acehlp10.sys
[2011.04.08 22:25:52 | 005,972,626 | ---- | M] () -- C:\Users\FIETE\Desktop\Kalmah - Moon Of My Nights.mp3
[2011.04.07 19:39:30 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2011.04.07 19:39:29 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\FIETE\*.tmp files -> C:\Users\FIETE\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.05 22:36:20 | 000,006,664 | ---- | C] () -- C:\Users\Public\Documents\cc_20110505_223619.reg
[2011.05.05 22:35:55 | 000,056,712 | ---- | C] () -- C:\Users\Public\Documents\cc_20110505_223554.reg
[2011.05.05 22:35:01 | 000,586,244 | ---- | C] () -- C:\Users\Public\Documents\cc_20110505_223457.reg
[2011.05.05 22:09:19 | 000,537,121 | ---- | C] () -- C:\Users\FIETE\Desktop\T-Shirt-Launcher.pdf
[2011.05.05 22:05:39 | 000,030,208 | ---- | C] () -- C:\Users\FIETE\Desktop\download.php
[2011.05.05 16:12:28 | 005,138,560 | ---- | C] () -- C:\Users\FIETE\Desktop\bengtrock_-_Partytiger.mp3
[2011.05.04 21:22:05 | 000,436,736 | ---- | C] () -- C:\Users\FIETE\Desktop\Spammer.exe
[2011.05.04 19:26:27 | 000,012,447 | ---- | C] () -- C:\Users\FIETE\Desktop\Physikentschuldigung.odt
[2011.05.01 04:08:22 | 060,983,802 | ---- | C] () -- C:\Users\FIETE\Desktop\Techno Songs!.rar
[2011.05.01 03:54:08 | 004,343,003 | ---- | C] () -- C:\Users\FIETE\Desktop\Scarf_ - Hithouse 1 (Tune up_ Remix).mp3
[2011.05.01 03:08:07 | 005,672,531 | ---- | C] () -- C:\Users\FIETE\Desktop\Disco Pogo [TechnoBase.FM].mp3
[2011.05.01 03:06:49 | 003,813,865 | ---- | C] () -- C:\Users\FIETE\Desktop\Die Gute-Laune Pizza [Technobase.FM].mp3
[2011.05.01 03:05:11 | 004,318,342 | ---- | C] () -- C:\Users\FIETE\Desktop\Pitbull - I know you want me [Technobase.FM].mp3
[2011.05.01 03:03:54 | 002,866,352 | ---- | C] () -- C:\Users\FIETE\Desktop\Tetris Remix [Technobase.FM].mp3
[2011.05.01 03:03:17 | 002,839,184 | ---- | C] () -- C:\Users\FIETE\Desktop\Italobrothers - Stamp on the ground [Technobase.FM].mp3
[2011.05.01 02:49:05 | 000,027,787 | ---- | C] () -- C:\Users\FIETE\Desktop\iconviewforum.png
[2011.04.30 21:09:04 | 007,794,091 | ---- | C] () -- C:\Users\FIETE\Desktop\Technobase.FM - Alors on Danse.mp3
[2011.04.30 21:01:10 | 007,470,173 | ---- | C] () -- C:\Users\FIETE\Desktop\...WWW.Technobase.FM...Yolana Be Cool feat David Guetta We N.mp3
[2011.04.30 20:57:25 | 004,252,304 | ---- | C] () -- C:\Users\FIETE\Desktop\Das Lagerfeuerlied [ Technobase.FM ].mp3
[2011.04.30 20:54:53 | 004,862,108 | ---- | C] () -- C:\Users\FIETE\Desktop\Technobase.FM - We No Speak Americano.mp3
[2011.04.30 20:48:55 | 005,841,804 | ---- | C] () -- C:\Users\FIETE\Desktop\_Milk Sugar vs_ Vaya Con Dios 2011 remix( hey Nah Neh Nah)re.mp3
[2011.04.29 13:44:05 | 008,176,661 | ---- | C] () -- C:\Users\FIETE\Desktop\Dirty _ Electro House Mix 2011 SoundKicked.mp3
[2011.04.28 18:43:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.04.22 23:03:14 | 000,001,868 | ---- | C] () -- C:\Users\FIETE\Desktop\ControlMK.lnk
[2011.04.20 03:26:47 | 000,000,237 | ---- | C] () -- C:\Windows\SysNative\ibr.ini
[2011.04.20 03:14:52 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.18 22:46:28 | 000,000,065 | ---- | C] () -- C:\Users\FIETE\Desktop\listen.pls
[2011.04.18 22:04:25 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.04.18 22:04:25 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011.04.18 22:04:25 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011.04.18 22:04:25 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011.04.18 22:04:24 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011.04.18 21:48:42 | 001,358,944 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.04.18 01:07:17 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\mbr.exe
[2011.04.16 15:56:54 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.04.12 18:56:59 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00000736.LCS
[2011.04.09 01:21:29 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.08 22:25:50 | 005,972,626 | ---- | C] () -- C:\Users\FIETE\Desktop\Kalmah - Moon Of My Nights.mp3
[2011.04.03 21:28:21 | 000,069,632 | ---- | C] () -- C:\Users\FIETE\AppData\Roaming\chrtmp
[2011.03.26 02:03:47 | 000,032,594 | ---- | C] () -- C:\Users\FIETE\AppData\Local\Tempsplash.jpg
[2011.03.26 01:52:10 | 000,081,964 | ---- | C] () -- C:\Users\FIETE\AppData\Local\TempStartup.wav
[2011.03.26 01:43:54 | 000,062,233 | ---- | C] () -- C:\Users\FIETE\AppData\Local\Tempsplash.png
[2011.03.25 21:40:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.03.03 20:25:00 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011.02.22 21:13:05 | 000,000,059 | ---- | C] () -- C:\Windows\PTrainer2.ini
[2011.02.09 19:07:42 | 000,135,386 | ---- | C] () -- C:\Users\FIETE\AppData\Local\TempCyberLinK BG1.jpg
[2011.02.02 22:04:06 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.12.31 23:52:13 | 000,007,621 | ---- | C] () -- C:\Users\FIETE\AppData\Roaming\UserTile.png
[2010.12.24 00:07:59 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.12.12 23:02:47 | 000,001,126 | ---- | C] () -- C:\ProgramData\DAP Games Center.lnk
[2010.12.12 23:02:47 | 000,000,868 | ---- | C] () -- C:\ProgramData\Download Accelerator Plus.lnk
[2010.12.12 17:52:29 | 000,000,307 | ---- | C] () -- C:\Windows\thug2.ini
[2010.11.29 15:11:39 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.11.26 17:45:19 | 000,000,112 | ---- | C] () -- C:\Windows\galaxy.ini
[2010.11.12 20:16:28 | 000,000,135 | ---- | C] () -- C:\Users\FIETE\AppData\Roaming\RSBot_Accounts.ini
[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.08.20 16:34:32 | 001,589,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.20 15:51:01 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.12 22:30:10 | 000,294,974 | R--- | C] () -- C:\Windows\SysWow64\RTL283XACCESS.dll
[2010.08.05 13:28:03 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.05.27 18:22:16 | 000,000,000 | ---- | C] () -- C:\Windows\whopper.ini
[2010.05.14 11:45:47 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010.05.14 11:45:47 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010.02.21 00:57:42 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010.01.21 22:16:30 | 000,009,728 | ---- | C] () -- C:\Users\FIETE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.18 15:43:47 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2009.12.31 17:01:03 | 000,007,603 | ---- | C] () -- C:\Users\FIETE\AppData\Local\Resmon.ResmonCfg
[2009.12.29 19:13:19 | 000,000,232 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.10.30 11:06:24 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2009.10.30 11:06:24 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009.08.27 09:05:12 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.08.27 09:05:12 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.08.27 09:05:12 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.08.27 09:05:12 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2000.02.10 00:00:00 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\wrkgadm.exe
[2000.02.10 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\HLINKPRX.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

Code:
OTL Extras logfile created on: 05.05.2011 22:39:50 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\FIETE\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 82,63 Gb Free Space | 35,48% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 171,30 Gb Free Space | 73,68% Space Free | Partition Type: NTFS

Computer Name: FIETE-TOSH | User Name: FIETE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.html [@ = UltraEdit.html] -- Reg Error: Key error. File not found
.ini [@ = UltraEdit.ini] -- Reg Error: Key error. File not found
.js [@ = UltraEdit.js] -- Reg Error: Key error. File not found
.txt [@ = UltraEdit.txt] -- Reg Error: Key error. File not found
.wsf [@ = WSFFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B0ADC3A-FDD7-44D3-B9DF-A811414B0C75}" = HP Photosmart Plus B210 series - Grundlegende Software für das Gerät
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{53480140-1E7B-4DB5-BAA6-4D02D0452355}" = O&O MediaRecovery
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{74E85F31-573F-45BF-8939-4D2BCDCC2083}" = LEGO MINDSTORMS NXT Driver for x64
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{80488962-EB4D-46B2-9E03-F3A8ACA6AE82}" = Studie zur Verbesserung von HP Photosmart Plus B210 series Produkten
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0085029F-9640-4D93-800D-D0F53188758A}" = Arschloch3D
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.4 Build #4629
Banner Remover 1.0 "{0AFCF5C4-D09B-4BAA-8C4D-1F61CF67BD65}" = mufin player 2.0 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B39429C-A1AF-4CC7-87BE-C69F5543A054}_is1" = Spammer 1.0.0.0 "{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist "{1BAE5C85-A6D3-430C-842B-EAA27AC0C2E8}" = ArcSoft TotalMedia 3.5 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F62A62A-CDAD-4C8A-B110-C5541C496290}_is1" = Swf To Gif Converter 3.6 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24 "{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3A02BF10-88B9-4D61-9439-A67C9DE7D4BC}" = RS2Bot "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists "{45FE5100-6C09-4B34-AC2F-92D8B3864546}" = LiveUpload to Facebook "{481463D7-E5D9-4331-B154-B75D6D3C15F8}" = Worms 3D Demo "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater 
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{663140E6-EB60-11D6-AAED-0004769EEFEB}" = Snake Arena SE "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C1D47CC-682C-4673-8CA8-DEE659628599}" = LEGO MINDSTORMS NXT Migration Package "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6FF1763A-35B2-4DF5-AB57-AB5613AFBAE0}" = (T)Raumschiff Surprise - Periode 1 - XXL "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{764A334E-5C9A-4EB9-9BD4-8E8BC422FFD8}" = S4 League_EU "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II "{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Hilfe "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 
(SP2) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A174402A-2EE6-4B86-A930-7BC85A9933BD}" = Tom Clancy's Splinter Cell "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer 
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "{B4E4ACA0-79C5-4FC0-818F-ECE4521EBF8D}" = COMPUTERBILD-Abzockschutz "{B56B13EF-5FD0-4750-B935-66A37103A80F}" = Crazy Machines - Neues aus dem Labor "{BB10B255-CCA5-4522-8F0C-491CD59A086E}" = MemoduxPLUS "{BCD8FB4A-8205-4C5F-8822-5D3E7B1E54C8}_is1" = SWF to MP3 Converter v2.4 build 189 "{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler "{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D7D50E0C-27DD-4999-BC05-E026B580F93A}" = Electronic Arts Product Registration "{DA47ABC4-52DF-468D-988D-B9E768A3DF52}" = Pizza Connection 2 "{DA60AB6B-6C9C-4B5F-BC61-3B0D9BCBD50B}" = Conceptronic CTVDIGUSB2 Device Utilities "{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E48C44A4-05F4-4C23-BE1F-F37A9CD6ACA3}" = Marble ix "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}" = SpongeBob Schwammkopf - Der Film "{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}" = The Simpsons Hit & Run(TM) "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in "7-Zip" = 7-Zip 4.65 "Access 97rt PAN EURO G" = Access 97rt PAN EURO G "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Aeon" = Aeon "ArtMoney SE_is1" = ArtMoney SE v7.33 "Ashampoo Magical UnInstall 2_is1" = Ashampoo Magical UnInstall 2 "Audiosurf_is1" = Audiosurf Beta "auxilium 3.1 light_is1" = auxilium 3.1 light "avast" = avast! 
Free Antivirus "Browser Defender_is1" = Browser Defender 3.0 "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "Cheat Engine 5.6_is1" = Cheat Engine 5.6 "Clean My Registry_is1" = Clean My Registry v5.2 "conduitEngine" = Conduit Engine "ControlMK" = ControlMK 0.232 "Debut" = Debut Video Capture Software "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "E.M. Magic Swf2Avi_is1" = E.M. Magic Swf2Avi V6.80 "eBay Icon" = eBay Icon "EpicBot" = EpicBot "ESET Online Scanner" = ESET Online Scanner v3 "eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook "ExpressBurn" = Express Burn CD DVD Blu-Ray Brenner "ExpressRip" = Express Rip "FILEminimizer Pictures_is1" = FILEminimizer Pictures "FormatFactory" = FormatFactory 2.60 "Fraps" = Fraps "FSX_Screensaver" = FSX_Screensaver "Game Booster_is1" = Game Booster "GamersFirst War Rock" = War Rock "GameSpy Arcade" = GameSpy Arcade "G-Force" = G-Force "Google Chrome" = Google Chrome "Half-Life 2" = Half-Life 2 "Halo CE" = Microsoft Halo Custom Edition "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Photo Creations" = HP Photo Creations "ICQToolbar" = ICQ Toolbar "ImgBurn" = ImgBurn "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{54CD52E0-6660-416C-94CC-FC77875FF226}" = Halo 2 Map Editor "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder 
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}" = Electronic Arts Product Registration "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher "InstallShield_{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2 "InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "JDownloader" = JDownloader "MAGIX_MSI_mufin_player_2" = mufin player 2.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MixPad" = MixPad Audio Mixer "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "MPE" = MyPhoneExplorer "Notepad++" = Notepad++ "oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.8.0 "phase-6" = phase-6 2.1.0.5 "phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1 "PhotoStage" = PhotoStage Slideshow Producer "Pivot 3.2 Beta Deutsch" = Pivot 3.2 Beta Deutsch "PKR" = PKR "Prism" = Prism Video Converter "ProtectDisc Driver 10" = ProtectDisc Helper Driver 10 "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0 "Samplisizer v1.2 (Demo)" = Samplisizer v1.2 (Demo) "SCREEN2EXE_is1" = SCREEN2EXE 2.9 (build:2204) "SimCity 3000 Deutschland" = SimCity 3000 Deutschland "SpeedFan" = SpeedFan (remove only) "ST6UNST #1" = QuickLatin 1.3.2c "SuperTux_is1" = SuperTux 0.1.3 "SurfMusik 3.1a_is1" = SurfMusik 3.1a "SWF to MP3 Converter_is1" = SWF to MP3 Converter v2.3 build 146 "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "TmNationsForever_is1" = TmNationsForever "TmSunrise_is1" = TrackMania Sunrise Extreme 1.5.0 "TVRTLDrv" = DVB-T USB BDA Driver "UltraISO_is1" = UltraISO Premium V9.36 "Undelete 360_is1" = Undelete 360 "Uninstall_is1" = Uninstall 1.0.0.1 "VideoPad" = VideoPad Video Editor "Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix 
Productions "VLC media player" = VLC media player 1.1.9 "whopper_is1" = whopper "WildTangent toshiba Master Uninstall" = WildTangent-Spiele "WinLiveSuite" = Windows Live Essentials "Zulu" = Zulu DJ Software ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Facebook Plug-In" = Facebook Plug-In ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >
2. I did it. I simply opened the file path of the shortcut and THEN started it as administrator. Downloaded the latest version and GO!
Here is my program list: Code:
ATTFilter (T)Raumschiff Surprise - Periode 1 - XXL 04.05.2011 7-Zip 4.65 04.05.2011 Access 97rt PAN EURO G 04.05.2011 Adobe AIR Adobe Systems Inc. 04.05.2011 1.5.2.8870 Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 04.05.2011 10.0.12.36 Adobe Flash Player 10 Plugin Adobe Systems Incorporated 04.05.2011 6,00MB 10.2.159.1 Adobe Reader X (10.0.1) - Deutsch Adobe Systems Incorporated 27.04.2011 115,9MB 10.0.1 Adobe Shockwave Player 11.5 Adobe Systems, Inc. 04.05.2011 11.5.9.620 Aeon SoundSpectrum 04.05.2011 1.0.2 AnvSoft Flash to Video Converter 1.2.1 AnvSoft Inc. 14.01.2011 ArcSoft TotalMedia 3.5 ArcSoft 04.05.2011 Arschloch3D Jojo 01.10.2010 11,0MB 0.99.7 ArtMoney SE v7.33 System SoftLab 06.05.2010 7.33 Ashampoo Magical UnInstall 2 Ashampoo GmbH & Co. KG 22.12.2010 28,9MB 2.0.0 Audiosurf Beta Dylan Fitterer 31.03.2011 Auslogics Disk Defrag Auslogics Software Pty Ltd 12.09.2010 8,24MB version 3.1 auxilium 3.1 light CommTec-Softwareentwicklung 11.04.2011 auxilium Demoversion (3.1) CommTec-Softwareentwicklung 11.04.2011 avast! Free Antivirus AVAST Software 04.05.2011 6.0.1000.0 Browser Defender 3.0 Threat Expert Ltd. 17.04.2011 16,9MB 3.0.0.213 Camtasia Studio 7 TechSmith Corporation 15.04.2011 219MB 7.0.1 CCleaner Piriform 17.04.2011 3.05 Cheat Engine 5.5 Dark Byte 20.02.2010 11,0MB Cheat Engine 5.6 Dark Byte 19.02.2010 11,1MB Cheat Engine 5.6.1 Dark Byte 28.04.2011 12,3MB Clean My Registry v5.2 Smart PC Solutions 07.09.2010 5.2 Compatibility Pack für 2007 Office System Microsoft Corporation 13.04.2011 147,0MB 12.0.6425.1000 COMPUTERBILD-Abzockschutz J3S 30.06.2010 2,24MB 1.0.29 Conceptronic CTVDIGUSB2 Device Utilities Conceptronic Multimedia 11.08.2010 3.0.0.0 Conduit Engine Conduit Ltd. 04.05.2011 ControlMK 0.232 Redcl0ud 04.05.2011 0.232 Crazy Machines - Neues aus dem Labor FAKT Software GmbH 29.01.2011 1.21 Debut Video Capture Software NCH Software 04.05.2011 DivX Converter DivX, Inc. 04.05.2011 7.1.0 DivX Plus DirectShow Filters DivX, Inc. 
04.05.2011 DivX-Setup DivX, Inc. 04.05.2011 1.0.2.23 DVB-T USB BDA Driver 04.05.2011 DVDStyler v1.8.0 11.02.2010 21,1MB E.M. Magic Swf2Avi V6.80 EffectMatrix, Inc. 28.03.2011 31,9MB eBay eBay Inc. 07.09.2009 0,16MB 1.0.4 eBay Icon 04.05.2011 Electronic Arts Product Registration Electronic Arts 11.02.2011 1,62MB 1.01.0000 EpicBot 04.05.2011 ESET Online Scanner v3 04.05.2011 Express Burn CD DVD Blu-Ray Brenner NCH Software 04.05.2011 Express Rip NCH Software 04.05.2011 Facebook Plug-In Facebook, Inc. 05.06.2010 Far Cry 2 Ubisoft 13.02.2011 1.03.00 FILEminimizer Pictures balesio AG 28.11.2010 Firebird SQL Server - MAGIX Edition MAGIX AG 01.04.2011 10,1MB 2.1.27.0 FormatFactory 2.60 Free Time 04.05.2011 2.60 Fraps 04.05.2011 FSX_Screensaver 04.05.2011 G-Force SoundSpectrum 04.05.2011 3.7.5 Game Booster IObit 02.03.2011 13,6MB 2.3.0.0 GameSpy Arcade 04.05.2011 Google Chrome Google Inc. 01.02.2010 11.0.696.60 Google Earth Plug-in Google 16.02.2011 39,8MB 6.0.1.2032 GTA San Andreas Rockstar Games 28.01.2011 1.00.00001 Half-Life 2 04.05.2011 Halo 2 Map Editor Microsoft Game Studios 16.03.2011 685MB 1.00.0000 Harry Potter II 04.05.2011 HP Photo Creations HP Photo Creations Powered by RocketLife 04.05.2011 14,6MB 1.0.0.3341 HP Photosmart Plus B210 series - Grundlegende Software für das Gerät Hewlett-Packard Co. 16.01.2011 108,4MB 22.0.334.0 HP Photosmart Plus B210 series Hilfe Hewlett Packard 16.01.2011 14,8MB 140.0.54.54 HP Update Hewlett-Packard 16.01.2011 2,97MB 5.002.005.003 ICQ 7.4 Build #4629 Banner Remover 1.0 murb.com 28.03.2011 2,42MB ICQ Toolbar ICQ 04.05.2011 3.0.0 ICQ7.5 ICQ 19.04.2011 7.5 ImgBurn LIGHTNING UK! 13.03.2011 2.5.5.0 Intel(R) Graphics Media Accelerator Driver Intel Corporation 28.06.2010 54,3MB 8.15.10.1986 Intel(R) Graphics Media Accelerator Driver Intel Corporation 18.04.2011 8.15.10.1986 Intel® Matrix Storage Manager Intel Corporation 24.11.2009 Internet-TV für Windows Media Center Microsoft Corporation 12.09.2010 13,7MB 4.2.2.0 iTunes Apple Inc. 
01.02.2011 145,7MB 10.1.2.17 Java(TM) 6 Update 24 Sun Microsystems, Inc. 30.05.2010 94,5MB 6.0.240 JDownloader AppWork UG (haftungsbeschränkt) 04.05.2011 LEGO MINDSTORMS NXT Driver for x64 LEGO 03.01.2010 1,55MB 1.17.770 LEGO MINDSTORMS NXT Migration Package LEGO 03.01.2010 0,72MB 1.2.8.0 LiveUpload to Facebook William Duff 01.04.2011 1,24MB 3.2.3.0 Malwarebytes' Anti-Malware Malwarebytes Corporation 22.12.2010 10,5MB Marble ix bhv Software GmbH & Co. KG 12.02.2011 462MB 1.00.0000 MemoduxPLUS C. C. Buchner 11.04.2011 326MB 1.0.0 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 28.06.2010 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 28.06.2010 2,94MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 19.08.2010 52,0MB 4.0.30319 Microsoft Games for Windows - LIVE Microsoft Corporation 18.03.2011 6,01MB 3.4.54.0 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 18.03.2011 31,3MB 3.4.18.0 Microsoft Halo Custom Edition 04.05.2011 Microsoft IntelliPoint 8.0 Microsoft 03.11.2010 38,0MB 8.0.225.0 Microsoft Office Home and Student 2007 Microsoft Corporation 04.05.2011 12.0.6425.1000 Microsoft Office Live Add-in 1.5 Microsoft Corporation 25.05.2010 0,50MB 2.0.4024.1 Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 13.04.2011 133,7MB 12.0.6425.1000 Microsoft Office Suite Activation Assistant Microsoft Corporation 07.09.2009 8,37MB 2.9 Microsoft Silverlight Microsoft Corporation 20.04.2011 148,4MB 4.0.60310.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 07.09.2009 1,72MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 27.01.2010 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 06.02.2011 2,69MB 8.0.59193 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 27.01.2010 0,21MB 9.0.30729.4148 Microsoft 
Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 29.04.2010 1,71MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 19.08.2010 0,76MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 07.09.2009 0,77MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 28.11.2010 0,76MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Corporation 01.09.2010 0,23MB 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19.02.2011 0,23MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 01.02.2010 0,58MB 9.0.30729.4148 Microsoft Works Microsoft Corporation 17.12.2010 878MB 9.7.0621 MixPad Audio Mixer NCH Software 04.05.2011 Mobile Partner Huawei Technologies Co.,Ltd 04.05.2011 16.002.03.01.40 Mozilla Firefox (3.6.17) Mozilla 04.05.2011 3.6.17 (de) MSXML 4.0 SP2 (KB954430) Microsoft Corporation 03.04.2011 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 03.04.2011 1,33MB 4.20.9876.0 mufin player 2.0 mufin GmbH 04.05.2011 2.0.3.680 MyPhoneExplorer F.J. 
Wechselberger 04.05.2011 1.7.6 Notepad++ 04.05.2011 5.8.2 O&O MediaRecovery O&O Software GmbH 28.11.2010 8,33MB 4.1.1322 OpenOffice.org 3.2 OpenOffice.org 01.09.2010 365MB 3.2.9502 oZone3D.Net FurMark v1.8.0 oZone3D.Net 05.05.2010 3,87MB Paint.NET v3.5.8 dotPDN LLC 27.03.2011 10,4MB 3.58.0 phase-6 2.1.0.5 phase-6 04.05.2011 2.1.0.5 phase-6 Feeding Tool 1.1 phase-6 04.05.2011 1.1 PhotoStage Slideshow Producer NCH Software 04.05.2011 Pivot 3.2 Beta Deutsch Das Deutsche Pivotforum 04.05.2011 3.2 Beta Pivot Stickfigure Animator Peter Bone 05.01.2010 1,02MB 2.2.5 Pizza Connection 2 04.05.2011 PKR PKR Ltd 04.05.2011 PlayReady PC Runtime amd64 Microsoft Corporation 07.09.2009 2,06MB 1.3.0 Prism Video Converter NCH Software 04.05.2011 ProtectDisc Helper Driver 10 04.05.2011 10.0.0.3 QuickLatin 1.3.2c 04.05.2011 QuickStores-Toolbar 1.0.0 AB-Tools.com 14.09.2010 0,91MB 1.0.0 QuickTime Apple Inc. 28.12.2010 73,7MB 7.69.80.9 Realtek 8136 8168 8169 Ethernet Driver Realtek 07.09.2009 1.00.0005 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 11.06.2010 6.0.1.5964 Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 24.11.2009 6.1.7600.30101 Realtek WLAN Driver Realtek 24.11.2009 1,54MB 2.00.0006 RS2Bot RS2Bot.com 11.11.2010 1,20MB 1.3.0 S4 League_EU 04.05.2011 1.00.0000 Samplisizer v1.2 (Demo) Overgamer&Sun 04.05.2011 1.2 SCREEN2EXE 2.9 (build:2204) Stepok Image Lab. 29.05.2010 SimCity 3000 Deutschland 04.05.2011 Skype(TM) Launcher Skype Technologies S.A. 04.05.2011 Skype™ 5.1 Skype Technologies S.A. 04.03.2011 22,7MB 5.1.112 Snake Arena SE Snake Arena SE 11.12.2010 8,87MB 1.00.0000 Sothink SWF Decompiler SourceTec Software Co., LTD 01.02.2011 6.0 SpeedFan (remove only) 04.05.2011 SpiritMt2 04.05.2011 SpongeBob Schwammkopf - Der Film 04.05.2011 1.0 Star Wars Jedi Knight Jedi Academy 04.05.2011 Studie zur Verbesserung von HP Photosmart Plus B210 series Produkten Hewlett-Packard Co. 
16.01.2011 6,90MB 22.0.334.0 SUPERAntiSpyware SUPERAntiSpyware.com 25.04.2011 54,1MB 4.51.1000 SuperTux 0.1.3 SuperTux Development Team 04.05.2011 SurfMusik 3.1a Marcus Schmitt 20.04.2010 3.1a Swf To Gif Converter 3.6 789soft, Inc. 28.01.2011 SWF to MP3 Converter v2.3 build 146 Hoo Technologies 04.05.2011 SWF to MP3 Converter v2.4 build 189 Hoo Technologies 11.03.2011 2,07MB Switch Audiodatei-Konverter NCH Software 04.05.2011 Synaptics Pointing Device Driver Synaptics Incorporated 24.11.2009 13.2.6.1 TeamSpeak 3 Client TeamSpeak Systems GmbH 02.03.2011 TeamViewer 5 TeamViewer GmbH 04.05.2011 5.0 8081 TeamViewer 6 TeamViewer GmbH 04.05.2011 6.0.10194 The Simpsons Hit & Run(TM) 04.05.2011 1.00.000 TmNationsForever Nadeo 23.07.2010 Tom Clancy's Splinter Cell 04.05.2011 1.00.000 Tony Hawk's Underground 2 Activision 11.12.2010 2.247MB 1.00.0000 Toshiba Assist TOSHIBA 07.09.2009 3.00.09 TOSHIBA Bulletin Board TOSHIBA Corporation 04.05.2011 1.0.04.64 TOSHIBA ConfigFree TOSHIBA Corporation 11.06.2010 67,6MB 8.0.25 TOSHIBA Disc Creator TOSHIBA Corporation 07.09.2009 10,3MB 2.1.0.1 for x64 TOSHIBA DVD PLAYER TOSHIBA Corporation 24.11.2009 3.01.0.07-A TOSHIBA eco Utility TOSHIBA Corporation 24.11.2009 6,93MB 1.1.10.64 TOSHIBA Extended Tiles for Windows Mobility Center 04.05.2011 TOSHIBA Face Recognition TOSHIBA Corporation 04.05.2011 3.1.1.64 TOSHIBA Flash Cards Support Utility TOSHIBA CORPORATION 07.09.2009 20,00KB 1.63.0.4C TOSHIBA Hardware Setup TOSHIBA CORPORATION 07.09.2009 7,90MB 1.63.0.11C TOSHIBA HDD/SSD Alert TOSHIBA Corporation 07.09.2009 38,0MB 3.1.64.0 Toshiba Manuals TOSHIBA 07.09.2009 10.00 Toshiba Online Product Information TOSHIBA 07.09.2009 2.08.0001 TOSHIBA PC Health Monitor TOSHIBA Corporation 24.11.2009 27,4MB 1.4.1.64 Toshiba Photo Service - powered by myphotobook myphotobook GmbH 04.05.2011 1.0.0-663 TOSHIBA Recovery Media Creator TOSHIBA Corporation 07.09.2009 2,98MB 2.1.0.2 for x64 TOSHIBA Recovery Media Creator Reminder TOSHIBA 07.09.2009 0,45MB 
1.00.0019 TOSHIBA ReelTime TOSHIBA Corporation 04.05.2011 1.0.04.64 TOSHIBA SD Memory Utilities TOSHIBA 24.11.2009 9,16MB 1.9.1.12 TOSHIBA Service Station TOSHIBA 24.11.2009 2.1.33 TOSHIBA Supervisorkennwort TOSHIBA CORPORATION 07.09.2009 1,95MB 1.63.0.7C Toshiba TEMPRO Toshiba Europe GmbH 11.06.2010 10,9MB 3.33 TOSHIBA Value Added Package TOSHIBA Corporation 24.11.2009 87,7MB 1.2.25.64 TrackMania Sunrise Extreme 1.5.0 Nadeo 04.05.2011 TRORMCLauncher 04.05.2011 UltraISO Premium V9.36 22.04.2010 Undelete 360 File Recovery Ltd. 13.01.2011 Uninstall 1.0.0.1 10.03.2011 10,4MB Ventrilo Client Flagship Industries, Inc. 02.03.2011 5,58MB 3.0.7 VideoPad Video Editor NCH Software 04.05.2011 Virtual DJ Home - Atomix Productions 04.05.2011 VLC media player 1.1.9 VideoLAN 04.05.2011 1.1.9 War Rock GamersFirst 04.05.2011 WavePad Audiobearbeitungs-Software NCH Software 04.05.2011 whopper 26.05.2010 WildTangent-Spiele WildTangent 04.05.2011 1.0.0.71 Windows 7 USB/DVD Download Tool Microsoft Corporation 13.03.2011 2,72MB 1.0.30 Windows Live Essentials Microsoft Corporation 28.12.2010 15.4.3508.1109 Windows Live Sync Microsoft Corporation 21.08.2010 2,79MB 14.0.8117.416 Windows Media Center Add-in for Silverlight Microsoft Corporation 12.09.2010 0,24MB 4.7.3.0 Windows Movie Maker 2.6 Microsoft Corporation 09.03.2010 12,3MB 2.6.4038.0 WinRAR 21.12.2010 Worms 3D Demo 04.05.2011 0.00.001 Zulu DJ Software NCH Software 04.05.2011 |
09.05.2011, 10:51 | #19 |
/// Helper Team | Virus site? Google search turns into an ad paradise...
1.
Code:
ATTFilter
Clean My Registry
So I strongly advise you against using tools like this that reach so deep into the registry, because a tiny change in the registry (e.g. "wrongly deleted" entries) can have fatal consequences! Then people wonder why Windows eventually becomes sluggish or crashes! I cannot imagine that any program can tell useful entries from useless ones, or what Windows needs and what it does not!
We have been prescribing CCleaner for years... I have also been using it myself for a long time, so far without problems, for cleaning as well... it also has an advantage over other programs in that it tends to delete only a little.
Tip: clean up the system with Windows' own tools
2. You don't need all of them, do you...?:
Code:
ATTFilter
Cheat Engine 5.5
Cheat Engine 5.6
Cheat Engine 5.6.1
3. Gets installed (along) without asking; you can uninstall it, nobody needs it:
Code:
ATTFilter
Conduit Engine
During installation, always read the license terms and do not immediately tick every box, because by doing so you agree that adware (advertising pop-ups) from partner programs, sponsors etc. is installed along with it, since that is how freeware finances itself.
4.
Code:
ATTFilter
Firebird SQL-Server
You have a server with a database (it is installed automatically and without asking when the Magix programs are installed, but most users do not need it at all). Every time you start the Magix program, a script makes sure that all existing records of the database are called up, which in turn most people do not need at all...
5. → Visit the virustotal site and have the file(s) from the code box checked; also copy the file size and name, MD5 and SHA1:
→ Tips for searching for files
Code:
ATTFilter
C:\Users\FIETE\AppData\Roaming\UUSoQLdiE9hE.exe
→ Find the file on your computer → double-click the file to be checked (or copy the content from the code box) → "Send file" and wait until the scan by all virus scanners has finished → paste the result in here as you receive it (DO NOT LEAVE ANYTHING OUT!) (including <checked file name> + file size and name, MD5 and SHA1)
** Example - the Virustotal log file to be posted should look like this. So do not leave anything out; paste it in as you receive it!:
Code:
ATTFilter
File name: <<file name>>
Submission date: 2010-10-22 03:34:01 (UTC)
Current status: queued queued analysing finished
Result: .....%
VT Community goodware/badware
Safety score: 100.0%
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.10.22.00 2010.10.21 -
AntiVir 7.10.13.15 2010.10.21 -
Antiy-AVL 2.0.3.7 2010.10.22 -
Authentium 5.2.0.5 2010.10.22 -
Avast 4.8.1351.0 2010.10.21 -
Avast5 5.0.594.0 2010.10.21 -
etc........
6. Fix with OTL
Code:
ATTFilter
:OTL
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
O2:64bit: - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26ffb629-2014-11e0-94c3-002622f1344e}\Shell - "" = AutoRun
O33 - MountPoints2\{26ffb629-2014-11e0-94c3-002622f1344e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{33a6d159-b4f2-11df-a4cf-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{33a6d159-b4f2-11df-a4cf-001bdc002e32}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{a68a4bcf-d96f-11de-ac4f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a68a4bcf-d96f-11de-ac4f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{fdaea6c6-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6c6-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fdaea6d7-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6d7-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fdaea6f9-fbeb-11df-9112-001bdc002e32}\Shell - "" = AutoRun
O33 - MountPoints2\{fdaea6f9-fbeb-11df-9112-001bdc002e32}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\CDStart.exe
[2011.05.05 14:34:29 | 000,000,000 | ---D | C] -- C:\Users\FIETE\AppData\Local\{D075C440-3D3A-4CF2-A37C-0573664CAA43}
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84
:Commands
[purity]
[emptytemp]
7. Run another scan with OTL:
__________________ Warning!: Beware of invoices sent by e-mail with a ZIP file attached! They may be infected with an encryption Trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different places! Please pass this warning on wherever you can! Edited by kira (09.05.2011 at 11:03) |
24.05.2011, 17:53 | #20 |
| Virus site? Google search turns into an ad paradise... Once again I ask for your understanding that I was away from the PC for a long time; nevertheless I have worked through everything! 1.-4. Fixed! 5. The file does not exist, or I accidentally deleted it a while ago. 6. Is fixed! 7. Is in the attachment, because -> The text you entered consists of 103943 characters and is therefore too long. Please shorten the text to the maximum length of 100000 characters. |
24.05.2011, 20:47 | #21 |
/// Helper Team | Virus site? Google search turns into an ad paradise...
1. Fix with OTL
Code:
ATTFilter
:OTL
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "foxsearch"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "foxsearch"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
[2011.01.29 17:57:57 | 000,001,141 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\conduit.xml
[2011.02.28 18:53:18 | 000,003,915 | ---- | M] () -- C:\Users\FIETE\AppData\Roaming\Mozilla\Firefox\Profiles\lqm8lza1.default\searchplugins\sweetim.xml
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O20 - HKLM Winlogon: UserInit - (C:\Users\FIETE\AppData\Roaming\UUSoQLdiE9hE.exe) - File not found
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84
:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" =-
:Commands
[purity]
[emptytemp]
2. Check the proxy settings: did you deliberately set the IP 192.168.137.1 as proxy? |
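The OTL fix scripts in posts #19 and #21 mix several kinds of entries: orphaned registry references, a Winlogon UserInit value pointing into AppData, AutoRun commands, search preferences and alternate data streams. The following Python script is an added example, not part of the thread and not OTL's own code, that sorts such lines into those categories; the line formats are inferred only from the lines quoted in this thread, and the category names and the `triage` function are invented for the example.

```python
import re

# Lines quoted from the OTL fix scripts posted in this thread.
SAMPLE = r'''
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O20 - HKLM Winlogon: UserInit - (C:\Users\FIETE\AppData\Roaming\UUSoQLdiE9hE.exe) - File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\CDStart.exe
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:DFC5A2B2
'''

# (category, regex) pairs; the first matching rule wins, so specific rules come first.
RULES = [
    ("winlogon-userinit", re.compile(r'^O20 .*Winlogon: UserInit - \((.+?)\)')),
    ("autorun-command", re.compile(r'^O33 .*\\AutoRun\\command - "" = (.+)$')),
    ("alternate-data-stream", re.compile(r'^@Alternate Data Stream - \d+ bytes -> (.+)$')),
    ("search-pref", re.compile(r'^FF - prefs\.js\.\.\S+: "(https?://[^/?"]+)')),
    ("orphaned-entry", re.compile(r'^(O\d+(?::64bit:)?) .*(?:No CLSID value found|File not found)')),
]

def triage(text):
    """Return a (category, detail) tuple for every line that matches a rule."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        for category, rx in RULES:
            m = rx.search(line)
            if not m:
                continue
            detail = m.group(1)
            # The stock Userinit value starts userinit.exe from System32;
            # anything else launched at logon deserves a closer look.
            stock = detail.lower().rstrip(",").endswith(r"\system32\userinit.exe")
            if not (category == "winlogon-userinit" and stock):
                findings.append((category, detail))
            break
    return findings

if __name__ == "__main__":
    for category, detail in triage(SAMPLE):
        print(f"{category:22} {detail}")
```

Entries that reference a file that is present, such as the Conduit Engine BHO line, match none of these rules and still need a human decision.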
25.05.2011, 17:48 | #22 |
| Virus site? Google search turns into an ad paradise... 1. Done. 2. Did you mean something along these lines? Actually I never wanted that... I once had a problem where not a single program had access to the internet because this was enabled: I drew it in artificially because I did not want to find out what happens if I click it again |
25.05.2011, 18:49 | #23 |
/// Helper Team | Virus site? Google search turns into an ad paradise...
1. To check the proxy settings, click here: http://www.toolzzz.net/de/checkProxy.htm
So if you have not installed a proxy server locally, remove the proxy settings from the internet settings:
In Internet: Tools => Internet Options => Connections => LAN settings. Remove the ticks from "Use a proxy server for your LAN" and "Bypass proxy server for local addresses".
In Firefox: Tools => Options => Advanced => Network => Settings. There, under Connection Settings => tick "No proxy".
2. Your Java version is not up to date! Because old security holes make Java very vulnerable, first uninstall all existing Java versions:
→ Control Panel → Software → uninstall...
→ Restart the computer
→ Now download the offline version of Java Version 6 Update 24 from Oracle
Make sure to deselect any toolbars that are offered (remove the tick next to the toolbar)!
► Report again on the state of the computer |
26.05.2011, 15:53 | #24 |
| Virus site? Google search turns into an ad paradise... 1. Done. 2. Also done. Nothing has changed; I still see the message about the internet security settings. What else can it be now? I mean, for a rootkit it has quite a lot to answer for. There may be problems with "rundll32.exe". This file always opens when this message is shown, not only because this file is responsible for it, but also because it is often open without my seeing the message. Just as a tip. Once it even reported about itself that it cannot be run because of the internet security settings. I have switched to Google Chrome for the time being, but in Firefox I am no longer redirected to other pages. Luckily... |
28.05.2011, 08:33 | #25 |
/// Helper Team | Virus site? Google search turns into an ad paradise... Could it be that it is being blocked by Browser Defender? Maybe try uninstalling it... |
28.05.2011, 10:42 | #26 |
| Virus site? Google search turns into an ad paradise... It is uninstalled, but that did not help much either. Actually nothing. |
30.05.2011, 06:25 | #27 |
/// Helper Team | Virus site? Google search turns into an ad paradise...
- When does the message appear?
- I would have been interested in the exact message - can you quickly take a screenshot of it and post it here?
Run another scan with OTL:
Edited by kira (30.05.2011 at 06:31) |
31.05.2011, 16:37 | #28 |
| Virus site? Google search turns into an ad paradise... It depends: whenever you try to open a .pdf file, a setup, or a particular program via its shortcut. As for the picture of the message, I refer to post #3! But I copied the address to make all this a bit clearer, so here is the message again: That is the normal message; this is basically what it looks like. The exact message is just that, if you want to see more details, you see which file was blocked; otherwise you can look at the support page again, but that also only says that you have to change the settings, which I have already tested umpteen thousand times -.- I will do the OTL scan tomorrow, because I am writing an exam |
03.07.2011, 18:06 | #29 |
| Virus site? Google search turns into an ad paradise... Last post here: I made a backup and cleaned the system. Rootkit gone, internet security settings no longer annoy me! All good ^^ |
04.07.2011, 07:46 | #30 |
/// Helper Team | Virus site? Google search turns into an ad paradise... So you formatted and reinstalled the system, or reset it to the factory state? |