Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Trojaner, kritischer Fehler und kein Speichplatz

Trojaner, kritischer Fehler und kein Speichplatz


Plagegeister aller Art und deren Bekämpfung: Trojaner, kritischer Fehler und kein Speichplatz

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 22.05.2011, 13:25   #1
Skipp
 
Trojaner, kritischer Fehler und kein Speichplatz - Standard

Trojaner, kritischer Fehler und kein Speichplatz


Hallo,
ich hab mir einen Trojaner eingefangen.
Habe Malewarebytes und SUPERAntiSpyware durchlaufen lassen ( die ergebnisse unten).
Jetzt hab ich noch folgenden Fehler:
"Catalyst Control Center: Host application funktioniert nicht mehr."
hab dazu das OTL durchlaufen lassen. Beide berichte sind unten.

bis jetzt bin ich nach den schon bestehenden Thema:
"Trojaner, kritischer Fehler auf der Festplatte, Windows findet keinen Speicherplatz "
geganen. Aber nun komm ich nicht weiter. Hab noch einen weisen Bildschirm ohne icons.

Wäre super, wenn mir jemand helfen kann.

Vielen Dank schon mal

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6639

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

22.05.2011 13:38:45
mbam-log-2011-05-22 (13-38-44).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149955
Laufzeit: 9 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 3

Infizierte Speicherprozesse:
c:\programdata\wvlmhxgdqr.exe (Trojan.FakeMS.Gen) -> 2184 -> Unloaded process successfully.
c:\programdata\44687096.exe (Rogue.WindowsRecoveryConsole) -> 4508 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wvLmHXgdqR (Trojan.FakeMS.Gen) -> Value: wvLmHXgdqR -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\wvlmhxgdqr.exe (Trojan.FakeMS.Gen) -> Quarantined and deleted successfully.
c:\programdata\44687096.exe (Rogue.WindowsRecoveryConsole) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

AntiSpy
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/22/2011 at 01:10 PM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:55:34

Memory items scanned : 728
Memory threats detected : 1
Registry items scanned : 7593
Registry threats detected : 0
File items scanned : 180447
File threats detected : 65

Adware.Vundo/Variant-MSFake
C:\PROGRAMDATA\42983160.EXE
C:\PROGRAMDATA\42983160.EXE
C:\Windows\Prefetch\42983160.EXE-7ABE5ADA.pf

Adware.Tracking Cookie
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@hlstatsx[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@bs.serving-sys[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ad.yieldmanager[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@webmasterplan[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@content.yieldmanager[3].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@mediaplex[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@sevenoneintermedia.112.2o7[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tradedoubler[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@fastclick[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@doubleclick[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tracking.mindshare[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@at.atwola[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@bluestreak[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ad.adc-serv[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@adserver.traffictrack[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@adfarm1.adition[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ad.zanox[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ad.adnet[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@zanox[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@serving-sys[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@imrworldwide[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@www.zanox-affiliate[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tacoda[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ad2.adfarm1.adition[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ads.creative-serving[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tracking.quisma[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@advertising[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@zbox.zanox[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@unitymedia[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tracking.hannoversche[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@apmebf[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@atdmt[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@atwola[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@zanox-affiliate[2].txt
aka-cdn-ns.adtech.de [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
bc.youporn.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
cdn1.image.freeporn.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
cdn1.pics.mofosex.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
cdn1.static1.pornrabbit.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
cdn5.specificclick.net [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
counter.cam-content.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
games.adultswim.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
ia.media-imdb.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
imagesrv.adition.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
imgs.adverticum.net [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
media.mtvnservices.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
media.scanscout.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
media01.gameloft.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
media1.break.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
s0.2mdn.net [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
secure-uk.imrworldwide.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
secure-us.imrworldwide.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
serving-sys.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
static.sunporno.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.adserv3.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.adservercentral.info [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.alphaporno.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.naiadsystems.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.pornerbros.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.pornhub.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.pornme.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
www.secmedia.de [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]

Trojan.Agent/Gen-FakeAntiSpy
C:\USERS\FELIX\APPDATA\LOCAL\TEMP\ADOBE_FLASH_PLAYER.EXE

Hier noch die OTL berichte:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 22.05.2011 13:55:32 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Felix\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226,76 Gb Total Space | 131,96 Gb Free Space | 58,20% Space Free | Partition Type: NTFS
Drive D: | 226,00 Gb Total Space | 224,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01ECC3CC-DAD8-4715-A69F-301E51E2140E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{0C948884-6C4E-4D70-A740-B08EC86422FA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{1EEBE49B-82BD-47F5-AF0C-3E5DD690FABA}" = lport=138 | protocol=17 | dir=in | app=system | 
"{278C37A3-B383-46E6-B46F-920B274612FD}" = lport=137 | protocol=17 | dir=in | app=system | 
"{48BE4F19-5DBB-42F7-9840-13AE6E011701}" = lport=445 | protocol=6 | dir=in | app=system | 
"{49957279-DB68-4D19-9686-252C0752458C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{5C57BC1C-44C9-4906-9A07-B091DC207E3E}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{681698B5-7A1A-4B56-8714-F721FC4A61E6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{6CB2137F-2AFB-4646-9DE7-9C5CC66DB423}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7E3165F2-F54F-407F-B4FF-4E5320994964}" = lport=6884 | protocol=17 | dir=in | name=league of legends launcher | 
"{8422F98D-3253-4FE7-A8CA-4E32C9D4B7E5}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{8E4F7B1D-F46E-43F7-9521-8CA30B418D17}" = lport=6884 | protocol=6 | dir=in | name=league of legends launcher | 
"{A65D2D46-45E6-4AB5-9746-E96694661324}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AAB0BD41-4208-483B-9BA6-754582D4FB91}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B4D7B22F-EDB2-4E91-BD98-304AC3BBDC41}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C3256DEA-6299-4007-BA4D-4D04E1B1D022}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | 
"{CA875650-A696-448E-A305-58C3D7B580B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DC1F5D32-553D-487E-846E-0A7185272224}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E375AD22-E6E6-4C96-A4F3-59486F569777}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E38D8D5D-CF3D-40F1-A312-2E53E34D11E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E87A9828-6F7A-4C15-A8B5-68CD99375094}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | 
"{F069C67B-5717-4496-BD8F-7A87A6879BF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F21B14AE-8888-45B6-9216-5BE43EA86D6F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F5247E09-A578-48CA-AE46-6A6E9DBFAE89}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A8F0797-8BC6-465A-B01F-826825B31A76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{0C4658C9-EE8C-4E9C-BDBA-6D2C30A9A2B2}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{0FF32670-383F-4D96-AF20-5227B96C3E20}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{14321BE8-B11E-4C26-A3F1-249F665561F6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{1849697E-5D2D-46A3-A750-EADDDA1B82AF}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{19AF2F96-280E-4AAA-9DA7-69A7C3105DE4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sk1pp\counter-strike\hl.exe | 
"{281913ED-E8C0-43D0-8E1D-4734C2EE4218}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{2CBABE00-DEC9-4F63-8284-A9CF3E2DC2D2}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{3418AD1E-99B4-4EA3-9831-83972942181E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{34870E45-0DE4-45B3-B1E7-A7F5C073C69A}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{3A7A118C-84CE-4138-A1B5-AC99CAA1A30A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{3FB18742-9378-4A01-9B4D-1AE0598ACCDD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4AF369D2-8901-420C-B2FF-EA512F16C64C}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{5977618C-C8E8-40DE-8D66-D6CFB1188E65}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sk1pp\day of defeat\hl.exe | 
"{5B37CD0A-B6D9-4ABB-9853-F846E0578218}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{5CDB2DB7-24F8-4D5A-BAC9-843B7D4BCF6E}" = protocol=6 | dir=in | app=d:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{5DEA3FB2-9709-478F-B391-65081E023774}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{5F148107-E89C-4DFC-8618-2B2D95E258A5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{63E9EEE8-1669-4E38-953D-DA653D20C255}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{75365E49-E805-4DFD-BA23-D68F791FD878}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{75628CF9-E4A1-47EF-B653-DC2C3A500743}" = protocol=17 | dir=in | app=d:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{83BC42C8-5526-4D25-8A67-D5D7A99800F8}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{8458D086-CA40-4CA3-924D-BD77A842924E}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{87DABAAD-0CFA-48DD-AB0D-F34E56CB1A40}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8B8F8A1C-CFB1-4EB0-A07F-7B66C760F5F0}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{8F52C181-0F0D-4D3F-B316-4D6F2AB4BC88}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sk1pp\day of defeat\hl.exe | 
"{90E77AC6-26DE-48F9-9D1F-F3AE801FE747}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"{91026C5B-54B7-4363-B58B-A1B7E770FC9C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{917F707B-07B5-42C3-9737-E0006E791811}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sk1pp\counter-strike\hl.exe | 
"{93172624-22C6-453A-BA09-D68C19C36820}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{94B88145-A79F-4AA6-938D-259AB1E31D25}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9B859E58-1350-43CB-82E5-0B740ED70712}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{9C8D570B-C959-4811-BC6C-499F13B912ED}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{9D56EF44-2BF5-43A2-8AAD-EEDB3D73DC61}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe | 
"{9D6AFDAF-0A58-4DA4-83CF-61A65F068608}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{A0C5A5F8-644A-4A31-B048-700C33828B47}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{A7F7CEBA-347D-4DCA-A4DE-A2B6918AE912}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sk1pp\counter-strike source\hl2.exe | 
"{B60B460C-2794-4F47-A22D-C9F0C87CAF61}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sk1pp\counter-strike source\hl2.exe | 
"{BDE98FFA-A59E-42A1-90AE-A5201F94E741}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{C243C223-C33B-42B3-84BA-77792BEC4362}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{C291508C-F7BD-498B-834D-6F6FCD15C4E2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C9E537EF-741E-4433-8619-7BEEA87DDC46}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CA2A9253-05A7-4A06-B9AC-5FFA2D39777E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D06082C7-2A29-4AFD-BBF5-32236E24C4D7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D9B74269-304A-476A-ABA4-C82DDB7C08CB}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe | 
"{E60BB175-8E31-4261-8E78-0F8EF2157FDF}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{E92681A1-AFD1-48B3-95A9-24A0C0312C96}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{F0447D04-44BF-46D1-9F8D-D065AE7DB4D9}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe | 
"{F0C4A210-A823-4F26-90A2-89B69BC31E01}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{FDCFAA91-290D-4851-95F6-C30A89787106}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{029E4E02-42E9-4BE5-A32A-BEA8C1CFD8FA}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{0E94D920-F0DD-40B1-8706-A4A23A02D134}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"TCP Query User{26B8B1DF-7B96-43D3-BB08-78B7D32C50D1}C:\program files\dotalicious gaming client\client.exe" = protocol=6 | dir=in | app=c:\program files\dotalicious gaming client\client.exe | 
"TCP Query User{463EEA66-3832-47CB-AB4B-08388E6DD456}D:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=d:\program files\ea games\command and conquer generals\game.dat | 
"TCP Query User{5EC773B7-3EBC-4475-BCD9-E55C8518BB41}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"TCP Query User{7AB47933-9FD7-444D-84A6-07BA041425DF}C:\program files\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files\ccp\eve\bin\exefile.exe | 
"TCP Query User{7D42EE8C-0E53-4955-9BE0-5E7A17B797C7}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{7D92914D-BECD-4F9A-8E42-3D77C3592026}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | 
"TCP Query User{8B5292B7-5969-4128-90BB-C835ED1ABBDB}C:\users\felix\desktop\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\felix\desktop\wc3\war3.exe | 
"TCP Query User{8C5928F5-37CF-4C56-9FDD-506EB1453B85}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{AB64028D-A969-4228-A1A2-15E6D144B5B1}C:\program files\dotalicious gaming client\client.exe" = protocol=6 | dir=in | app=c:\program files\dotalicious gaming client\client.exe | 
"TCP Query User{B084174D-847E-4847-A86D-A3CAFEBC7560}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{B8ACE9E3-B98B-45EA-91E0-C72F94EBD0C6}C:\microprose\the test of time\civ2.exe" = protocol=6 | dir=in | app=c:\microprose\the test of time\civ2.exe | 
"TCP Query User{BA3A0EA6-6C5A-48AF-876B-B95E7F9A6244}C:\program files\steam\steamapps\sk1pp\day of defeat source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sk1pp\day of defeat source\hl2.exe | 
"TCP Query User{D1A74864-86AB-4AED-B173-F8E1150F04D5}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{D629BF65-9E95-4E12-9727-7F06E26FE293}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | 
"TCP Query User{E810F3A4-AA9E-48AC-857C-41F9BF4AAF07}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"TCP Query User{F15174DA-7F1B-4752-BF19-3BA061B2F081}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"TCP Query User{F577A9DE-E4F7-498F-817D-D259F5072420}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"TCP Query User{F6C05A35-F1B8-4962-A274-14788ABAC7FA}C:\users\felix\downloads\teamspeak3-server_win32-3.0.0-beta12\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\felix\downloads\teamspeak3-server_win32-3.0.0-beta12\teamspeak3-server_win32\ts3server_win32.exe | 
"TCP Query User{FCC0CE24-0669-4F63-A5E3-0D49E130CF16}C:\program files\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files\heroes of newerth\hon.exe | 
"UDP Query User{0842C692-75DB-44D0-BB3F-F53AEEDE8F43}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"UDP Query User{16664676-A56D-4944-ABE2-6221489B6D3C}D:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=d:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{2DF3325F-35CF-4849-88B8-E8860E4068CB}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{3F782A09-265C-4E9C-86B2-407D0792AC12}C:\microprose\the test of time\civ2.exe" = protocol=17 | dir=in | app=c:\microprose\the test of time\civ2.exe | 
"UDP Query User{4969A184-E906-4043-B561-0E8D074EEA1E}C:\program files\steam\steamapps\sk1pp\day of defeat source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sk1pp\day of defeat source\hl2.exe | 
"UDP Query User{4E432948-097A-4579-AED1-F6F3F0CA2F06}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe | 
"UDP Query User{6405D92D-C844-428F-8C91-27E1DA4DE932}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{6B73B375-AFA2-45C1-9833-4A2285D8A290}C:\users\felix\downloads\teamspeak3-server_win32-3.0.0-beta12\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\felix\downloads\teamspeak3-server_win32-3.0.0-beta12\teamspeak3-server_win32\ts3server_win32.exe | 
"UDP Query User{73C564F1-0F1B-49D4-BA8E-A9A5F88BCEDB}C:\program files\dotalicious gaming client\client.exe" = protocol=17 | dir=in | app=c:\program files\dotalicious gaming client\client.exe | 
"UDP Query User{7E9A1396-E982-40AF-889A-541ACDF22BEF}C:\program files\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files\ccp\eve\bin\exefile.exe | 
"UDP Query User{8BB0BADE-D7DE-424B-AA5C-1C851B6007A8}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe | 
"UDP Query User{90F1321D-E80B-47A4-9ACC-1F7A01623077}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe | 
"UDP Query User{9AA21F8C-EA6A-4E38-8A7E-65BDD4EC3DC8}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | 
"UDP Query User{A2525C2D-08D4-4C4A-83A3-5E424F52B0BF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{C18759B6-B7D3-42FA-B3E5-6C165FEEDF1A}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"UDP Query User{D195CB37-C224-46CB-BCD4-CA0756776AAC}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe | 
"UDP Query User{D26D0058-0B15-435F-82F1-0ADA4CF69947}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"UDP Query User{D7FE8867-3745-4D70-94F7-3B1ADE2D883D}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{DA746F47-FA43-4EDB-9297-AE4653C49A4B}C:\program files\dotalicious gaming client\client.exe" = protocol=17 | dir=in | app=c:\program files\dotalicious gaming client\client.exe | 
"UDP Query User{EDD54FF5-C2DE-4B1A-9CA7-9E32DE0CEC5B}C:\users\felix\desktop\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\felix\desktop\wc3\war3.exe | 
"UDP Query User{FEC58041-9A2C-4B42-82D7-E2A1E0E7DB7B}C:\program files\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files\heroes of newerth\hon.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{027CC103-7CBD-3091-BD05-61C3B39C5F41}" = CCC Help French
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05C866EC-C6E6-B63B-5E93-310048EA28F4}" = ccc-utility
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{13C3016D-EDE0-A37F-1F01-DAFB618DA715}" = CCC Help Greek
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{16119AAC-9FE5-8BDC-6DEF-F52576AF1649}" = CCC Help Czech
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{20226F96-074F-CA03-3FDB-48EA38F99A34}" = CCC Help English
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{2F0B0B99-2AF4-0A85-4E37-F45C48CC0B21}" = CCC Help Swedish
"{312E49B1-3621-C991-7A6F-E3B30CCA9E6B}" = CCC Help Turkish
"{31B1789F-00B9-D898-1578-CE4CD0EF205B}" = CCC Help Chinese Standard
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{3B240B92-3596-9F6F-2D1D-2E031D50F5DC}" = CCC Help Danish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47F081A8-64F6-C280-A694-5637817B8904}" = Catalyst Control Center Graphics Light
"{506CEF40-A02C-D047-3F75-0FB34AFCCEE7}" = CCC Help Hungarian
"{52797A98-AB5F-2715-BAB9-256085988154}" = Catalyst Control Center Graphics Previews Vista
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{581FE9BC-4A4F-85D9-7308-09DCD7817C29}" = ccc-core-static
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65A5CA1A-16CF-0FE2-2452-ED6D625AD58F}" = Skins
"{68CAE442-579C-4D84-AA5F-253852522ED5}" = PCTroubleshooting
"{6A1F72DD-2465-43A2-A137-8A849399B7A8}" = REALTEK Wireless LAN Software
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{70E893FF-56BB-8AF3-64E4-54A49F9F896E}" = Catalyst Control Center Graphics Full Existing
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7FE0877D-B669-F5E1-1842-0E9676F03A7A}" = Catalyst Control Center Core Implementation
"{836A12E6-3418-593C-DC70-B7E7048C44F2}" = CCC Help Dutch
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{94815A13-F1B8-1384-0F0A-A8E4CE6EA62B}" = CCC Help Thai
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A230C543-7D98-D7CF-91EF-280081A0DDD2}" = CCC Help Japanese
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"{A6BEDC5B-ABF7-FADF-8D0F-0FF1FEF34C87}" = CCC Help Chinese Traditional
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AFB6EECF-0CA4-9C01-C48A-6F0E5BB0FE74}" = Catalyst Control Center Localization All
"{B00EE7D4-8D4C-CE86-D1DF-5B9D026C13F5}" = CCC Help Russian
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD9F153A-E812-B910-EA23-1BFEF07D3352}" = CCC Help Korean
"{BE12D93E-0C6E-7DDD-0838-667326C287A1}" = CCC Help German
"{C0E2DFB6-3D76-8BAD-62DF-47871AF6A5A4}" = CCC Help Polish
"{C19DBE5E-712E-4F02-8380-ECEDD951B374}" = Fujitsu Siemens
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C343B6AD-A23C-8138-35CE-883DE2DEAFE7}" = CCC Help Finnish
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2777D85-7E63-402F-A5E7-2AF436C1C9D4}" = Intel(R) PROSet/Wireless WiFi Software
"{DDF998C0-099C-5D46-9985-5730306330A9}" = CCC Help Spanish
"{DEB8C753-9CB6-1BD1-34BA-4ED9382755E9}" = ATI Catalyst Install Manager
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ED97F2D3-7BCF-E0B4-E8C6-0F6BA058CA95}" = CCC Help Portuguese
"{EEFB5B34-DEF9-0BF4-89A9-AB62320AA44E}" = Catalyst Control Center Graphics Full New
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5115AA1-78F1-EBBC-4888-A10310FD4A6A}" = CCC Help Italian
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD458F33-C5A9-3E69-425C-129F21B3ADF9}" = CCC Help Norwegian
"{FEC19789-7756-17C3-765B-C532E09322D7}" = Catalyst Control Center InstallProxy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires" = Microsoft Age of Empires
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"C-Media CM106 Like Sound Driver" = Trust 5.1 Surround Headset
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DotAlicious Gaming Client" = DotAlicious Gaming Client
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Heroes of Might and Magic II" = Heroes of Might and Magic II
"hon" = Heroes of Newerth
"ICQToolbar" = ICQ Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MSC" = McAfee SecurityCenter
"ProInst" = Intel PROSet Wireless
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 30" = Day of Defeat
"Steam App 300" = Day of Defeat: Source
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.05.2011 19:28:24 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 15.05.2011 01:32:23 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.05.2011 05:07:00 | Computer Name = Felix-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 2.0.1.4120, Zeitstempel
 0x4da6a99c, fehlerhaftes Modul Annots.api, Version 9.0.0.332, Zeitstempel 0x4850e57f,
 Ausnahmecode 0xc0000409, Fehleroffset 0x0000ff52,  Prozess-ID 0x17f0, Anwendungsstartzeit
 01cc12df7195210e.
 
Error - 16.05.2011 01:12:53 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.05.2011 15:33:23 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.05.2011 00:02:26 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.05.2011 15:43:48 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.05.2011 17:30:25 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 18.05.2011 00:02:42 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.05.2011 01:21:26 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621
Description = 
 
[ System Events ]
Error - 22.05.2011 04:47:22 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 22.05.2011 04:53:59 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 22.05.2011 07:13:22 | Computer Name = Felix-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 22.05.2011 07:15:02 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 22.05.2011 07:18:56 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 22.05.2011 07:22:47 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 22.05.2011 07:40:16 | Computer Name = Felix-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 22.05.2011 07:41:56 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 22.05.2011 07:41:56 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 22.05.2011 07:43:29 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
--- --- ---


Nr. 2 OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 22.05.2011 13:55:32 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Felix\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226,76 Gb Total Space | 131,96 Gb Free Space | 58,20% Space Free | Partition Type: NTFS
Drive D: | 226,00 Gb Total Space | 224,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files\Fujitsu Siemens\WinManager\WinManager.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\Rezip.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\PROGRA~1\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\McAfee\SiteAdvisor\saHook.dll ()
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell)
SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (USBMULCD) -- C:\Windows\System32\drivers\CM106.sys (C-Media Electronics Inc)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.14 21:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.14 21:49:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.22 10:31:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 08:01:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.14 21:49:17 | 000,000,000 | ---D | M]
 
[2009.09.27 14:30:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Extensions
[2011.04.04 22:03:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions
[2009.10.02 16:11:33 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 19:01:51 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.04 22:03:39 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.18 18:09:45 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-1.xml
[2011.03.06 14:23:31 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-2.xml
[2011.03.24 22:52:11 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-3.xml
[2011.03.24 22:54:26 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-4.xml
[2011.04.30 08:01:58 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-5.xml
[2011.02.20 12:21:20 | 000,000,168 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.src
[2010.12.10 18:27:31 | 000,001,069 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.xml
[2009.12.26 14:27:06 | 000,003,915 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\sweetim.xml
[2011.03.24 22:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- 
() (No name found) -- C:\USERS\FELIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YFRSR6ER.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011.04.30 08:01:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\MskAPBho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cm106Sound]  File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TQ566808]  File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ]  File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.09.10 15:03:44 | 000,310,952 | R--- | M] (Samsung Computer) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.12.08 11:35:26 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell - "" = AutoRun
O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{ceab42b2-9ea5-11de-8186-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ceab42b2-9ea5-11de-8186-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.09.10 15:03:44 | 000,310,952 | R--- | M] (Samsung Computer)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.22 13:25:58 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes
[2011.05.22 13:25:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.22 13:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.22 13:25:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.05.22 13:25:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.22 13:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\SUPERAntiSpyware.com
[2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.05.22 11:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.05.22 11:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.05.22 10:29:45 | 000,000,000 | -H-D | C] -- C:\Samsung
[2011.05.22 10:27:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\NetsyncAgent
[2011.05.22 10:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.05.22 10:19:46 | 000,034,216 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys
[2011.05.22 10:19:43 | 000,213,640 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2011.05.22 10:19:43 | 000,079,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2011.05.22 10:19:43 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys
[2011.05.22 10:19:43 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2011.05.22 10:19:32 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2011.05.22 10:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011.05.22 10:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011.05.22 10:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011.05.22 02:38:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch
[2011.05.22 02:33:02 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.15 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2011.05.14 21:52:40 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Local\DDMSettings
[2011.05.14 21:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.05.14 21:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.05.14 10:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.05.14 10:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.05.14 10:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.05.14 09:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2006.11.24 08:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006.11.24 08:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.22 13:41:55 | 000,005,415 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.05.22 13:40:17 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.22 13:40:17 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.22 13:40:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.22 13:40:09 | 3184,115,712 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.22 13:39:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.22 13:15:16 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44687096r
[2011.05.22 13:15:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44687096
[2011.05.22 13:14:59 | 000,000,344 | -H-- | M] () -- C:\ProgramData\44687096
[2011.05.22 10:39:57 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011.05.22 10:39:57 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2011.05.22 10:37:10 | 000,007,588 | ---- | M] () -- C:\Windows\HotFixList.ini
[2011.05.22 02:47:39 | 000,000,392 | -H-- | M] () -- C:\ProgramData\42983160
[2011.05.22 02:45:19 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~42983160
[2011.05.22 02:33:02 | 000,000,595 | -H-- | M] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk
[2011.05.22 02:33:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~42983160r
[2011.05.16 07:11:59 | 000,391,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.14 15:24:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.14 15:24:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.14 15:24:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.14 15:24:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.06 01:36:04 | 000,267,177 | -H-- | M] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg
[2011.05.06 01:31:51 | 001,023,515 | -H-- | M] () -- C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg
[2011.04.22 22:31:15 | 000,078,848 | -H-- | M] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.05.22 13:15:16 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~44687096r
[2011.05.22 13:15:16 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~44687096
[2011.05.22 13:14:59 | 000,000,344 | -H-- | C] () -- C:\ProgramData\44687096
[2011.05.22 10:26:00 | 000,005,415 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2011.05.22 10:15:03 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2011.05.22 10:14:56 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2011.05.22 02:33:02 | 000,000,595 | -H-- | C] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk
[2011.05.22 02:33:02 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~42983160r
[2011.05.22 02:33:02 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~42983160
[2011.05.22 02:32:47 | 000,000,392 | -H-- | C] () -- C:\ProgramData\42983160
[2011.05.06 01:36:04 | 000,267,177 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg
[2011.05.06 01:31:51 | 001,023,515 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg
[2011.01.08 23:39:47 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2011.01.08 11:39:56 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll
[2011.01.08 11:39:45 | 000,000,270 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.01.08 11:39:42 | 000,544,768 | R--- | C] () -- C:\Windows\System32\Cmeau106.exe
[2011.01.08 11:38:10 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.01.08 11:38:10 | 000,000,951 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.01.07 19:19:53 | 000,299,008 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2010.12.19 20:19:24 | 000,283,648 | ---- | C] () -- C:\Windows\unin0407.exe
[2010.06.16 19:00:36 | 000,000,616 | ---- | C] () -- C:\Windows\eReg.dat
[2009.10.08 17:54:06 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.10.08 17:54:06 | 000,022,328 | -H-- | C] () -- C:\Users\Felix\AppData\Roaming\PnkBstrK.sys
[2009.10.08 17:53:49 | 000,233,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.10.08 17:53:48 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.09.28 17:00:04 | 000,000,491 | ---- | C] () -- C:\Windows\System32\config.ini
[2009.09.28 01:15:25 | 000,078,848 | -H-- | C] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.27 15:02:01 | 000,055,317 | ---- | C] () -- C:\Windows\War3Unin.dat
[2009.07.11 09:54:36 | 000,311,296 | ---- | C] () -- C:\Windows\System32\Rezip.exe
[2009.04.17 20:04:47 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.04.17 05:34:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.04.17 05:29:10 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2009.04.17 04:51:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.17 04:51:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.17 04:22:32 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009.04.17 04:22:32 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009.04.17 04:17:24 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2009.04.17 04:17:24 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2009.04.17 04:17:09 | 000,007,588 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009.04.17 02:50:13 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.04.17 02:50:13 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.04.17 02:50:13 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.04.17 02:50:13 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.04.17 02:33:51 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.04.17 02:33:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.04.17 02:33:38 | 000,181,944 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.04.17 02:33:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.04.17 02:33:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.04.07 12:43:00 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2009.04.07 12:43:00 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN
[2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJXFSC.BIN
[2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2009.04.07 12:43:00 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2009.04.07 12:43:00 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2009.04.07 12:43:00 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2009.04.02 17:23:42 | 000,000,518 | R--- | C] () -- C:\Windows\cm106.ini
[2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat
[2007.02.15 10:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006.11.29 11:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe
[2006.11.29 11:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,391,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.09 04:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
 
< End of report >
--- --- ---

 

Themen zu Trojaner, kritischer Fehler und kein Speichplatz
ad.yieldmanager, adfarm, adobe, advertising, anti-malware, appdata, bildschirm, black, call of duty, center, control, counter-strike source, dateien, detected, explorer, fehler, festplatte, flash player, folge, funktioniert, funktioniert nicht, install.exe, league of legends, microsoft, oldtimer, prefetch, recycle.bin, roaming, sched.exe, searchplugins, shell32.dll, shortcut, software, speicherplatz, start menu, superantispyware, sweetim, temp, tradedoubler, trojaner, windows


« Shift ist beim Start eingerastet , Taskmanager spinnt , Pc Lahmt | Nichts geht mehr - AntiVir Rescue System zeigt 1 Fund und 317 Warnungen an »


Ähnliche Themen: Trojaner, kritischer Fehler und kein Speichplatz


  1. Bluescreens (diverse), kritischer Fehler
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (10)
  2. Windows 7 - Kritischer Fehler
    Alles rund um Windows - 25.04.2014 (1)
  3. Ein kritischer Fehler ist aufgetreten...
    Plagegeister aller Art und deren Bekämpfung - 19.03.2014 (17)
  4. Kritischer Fehler Kernel-Power
    Alles rund um Windows - 08.01.2014 (2)
  5. Windows 7 kritischer Fehler?
    Alles rund um Windows - 22.01.2013 (3)
  6. Zwangs-Neustarts: "Ein kritischer Fehler ist aufgetreten." Kein Scanner findet etwas. Zudem Spoofing
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (17)
  7. Kritischer Fehler in ProFTPD
    Nachrichten - 10.11.2011 (0)
  8. Trojaner: system-plugin an der adresse ... Kritischer fehler
    Plagegeister aller Art und deren Bekämpfung - 24.06.2011 (27)
  9. Kritischer Fehler, Festplatte beschädigt - die 100.te
    Plagegeister aller Art und deren Bekämpfung - 30.05.2011 (15)
  10. Kritischer Fehler
    Plagegeister aller Art und deren Bekämpfung - 24.05.2011 (5)
  11. Trojaner, kritischer Fehler auf der Festplatte, Windows findet keinen Speicherplatz
    Plagegeister aller Art und deren Bekämpfung - 09.05.2011 (31)
  12. Maleware und kritischer fehler beschädigte festplatte
    Log-Analyse und Auswertung - 09.05.2011 (30)
  13. TR/Kasy.mekml.1 - Kritischer Fehler HDD
    Log-Analyse und Auswertung - 22.04.2011 (4)
  14. TR/Kazy.mekml.1 gefunden Kritischer fehler
    Log-Analyse und Auswertung - 21.04.2011 (25)
  15. Ein kritischer Fehler ist aufgetreten...
    Log-Analyse und Auswertung - 26.08.2010 (0)
  16. Windows: Kritischer Fehler - Trojaner im Spiel?
    Log-Analyse und Auswertung - 20.08.2010 (7)
  17. Malware, kritischer Fehler
    Plagegeister aller Art und deren Bekämpfung - 12.08.2010 (20)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojaner, kritischer Fehler und kein Speichplatz - Hallo, ich hab mir einen Trojaner eingefangen. Habe Malewarebytes und SUPERAntiSpyware durchlaufen lassen ( die ergebnisse unten). Jetzt hab ich noch folgenden Fehler: "Catalyst Control Center: Host application funktioniert nicht - Trojaner, kritischer Fehler und kein Speichplatz...
Archiv
Du betrachtest: Trojaner, kritischer Fehler und kein Speichplatz auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19