Pests of all kinds and how to fight them: Trojan, critical error and no disk space (Windows 7)
22.05.2011, 13:25 | #1 |
Trojan, critical error and no disk space

Hello, I have caught a Trojan. I ran Malwarebytes and SUPERAntiSpyware (the results are below). Now I still get the following error: "Catalyst Control Center: Host application funktioniert nicht mehr." Because of that I ran OTL. Both reports are below. So far I have followed the existing thread "Trojan, critical error on the hard disk, Windows finds no disk space". But now I am stuck. I also still have a white screen without icons. It would be great if someone could help me. Many thanks in advance.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6639

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

22.05.2011 13:38:45
mbam-log-2011-05-22 (13-38-44).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149955
Laufzeit: 9 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 3

Infizierte Speicherprozesse:
c:\programdata\wvlmhxgdqr.exe (Trojan.FakeMS.Gen) -> 2184 -> Unloaded process successfully.
c:\programdata\44687096.exe (Rogue.WindowsRecoveryConsole) -> 4508 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wvLmHXgdqR (Trojan.FakeMS.Gen) -> Value: wvLmHXgdqR -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\wvlmhxgdqr.exe (Trojan.FakeMS.Gen) -> Quarantined and deleted successfully.
c:\programdata\44687096.exe (Rogue.WindowsRecoveryConsole) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

AntiSpy

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/22/2011 at 01:10 PM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:55:34

Memory items scanned : 728
Memory threats detected : 1
Registry items scanned : 7593
Registry threats detected : 0
File items scanned : 180447
File threats detected : 65

Adware.Vundo/Variant-MSFake
C:\PROGRAMDATA\42983160.EXE
C:\PROGRAMDATA\42983160.EXE
C:\Windows\Prefetch\42983160.EXE-7ABE5ADA.pf

Adware.Tracking Cookie

Trojan.Agent/Gen-FakeAntiSpy
C:\USERS\FELIX\APPDATA\LOCAL\TEMP\ADOBE_FLASH_PLAYER.EXE

Here are the OTL reports as well:

OTL Logfile:
Code:
OTL Extras logfile created on: 22.05.2011 13:55:32 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Felix\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226,76 Gb Total Space | 131,96 Gb Free Space | 58,20% Space Free | Partition Type: NTFS
Drive D: | 226,00 Gb Total Space | 224,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "MSC" = McAfee SecurityCenter "ProInst" = Intel PROSet Wireless "StarCraft II" = StarCraft II "Steam App 10" = Counter-Strike "Steam App 240" = Counter-Strike: Source "Steam App 30" = Day of Defeat "Steam App 300" = Day of Defeat: Source "SynTPDeinstKey" = Synaptics Pointing Device Driver "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TmNationsForever_is1" = TmNationsForever Update 2010-03-15 "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.9 "Warcraft III" = Warcraft III "WinRAR archiver" = WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "TeamSpeak 3 Client" = TeamSpeak 3 Client "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 14.05.2011 19:28:24 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621 Description = Error - 15.05.2011 01:32:23 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 15.05.2011 05:07:00 | Computer Name = Felix-PC | Source = Application Error | 
ID = 1000 Description = Fehlerhafte Anwendung plugin-container.exe, Version 2.0.1.4120, Zeitstempel 0x4da6a99c, fehlerhaftes Modul Annots.api, Version 9.0.0.332, Zeitstempel 0x4850e57f, Ausnahmecode 0xc0000409, Fehleroffset 0x0000ff52, Prozess-ID 0x17f0, Anwendungsstartzeit 01cc12df7195210e. Error - 16.05.2011 01:12:53 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 16.05.2011 15:33:23 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 17.05.2011 00:02:26 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 17.05.2011 15:43:48 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 17.05.2011 17:30:25 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621 Description = Error - 18.05.2011 00:02:42 | Computer Name = Felix-PC | Source = WinMgmt | ID = 10 Description = Error - 18.05.2011 01:21:26 | Computer Name = Felix-PC | Source = EventSystem | ID = 4621 Description = [ System Events ] Error - 22.05.2011 04:47:22 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7022 Description = Error - 22.05.2011 04:53:59 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 22.05.2011 07:13:22 | Computer Name = Felix-PC | Source = HTTP | ID = 15016 Description = Error - 22.05.2011 07:15:02 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7000 Description = Error - 22.05.2011 07:18:56 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7022 Description = Error - 22.05.2011 07:22:47 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 22.05.2011 07:40:16 | Computer Name = Felix-PC | Source = HTTP | ID = 15016 Description = Error - 22.05.2011 07:41:56 | Computer Name = Felix-PC | Source = Service Control Manager | ID = 7000 Description = Error - 22.05.2011 07:41:56 | Computer Name = Felix-PC | Source = Service 
Control Manager | ID = 7011 Description = Error - 22.05.2011 07:43:29 | Computer Name = Felix-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report >
No. 2 OTL logfile:
Code:
OTL logfile created on: 22.05.2011 13:55:32 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Felix\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 226,76 Gb Total Space | 131,96 Gb Free Space | 58,20% Space Free | Partition Type: NTFS Drive D: | 226,00 Gb Total Space | 224,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS Drive E: | 1,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe () PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) 
PRC - C:\Program Files\Fujitsu Siemens\WinManager\WinManager.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Windows\System32\Rezip.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.) PRC - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.) PRC - C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.) PRC - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.) PRC - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) PRC - C:\PROGRA~1\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe () PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Modules (SafeList) ========== MOD - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Program Files\McAfee\SiteAdvisor\saHook.dll () MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Rezip) -- C:\Windows\System32\Rezip.exe () SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell) SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.) SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.) SRV - (McNASvc) -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.) SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.) SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.) SRV - (McProxy) -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.) SRV - (mcmscsvc) -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) 
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe () SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (USBMULCD) -- C:\Windows\System32\drivers\CM106.sys (C-Media Electronics Inc) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) 
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.14 21:49:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.14 21:49:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.22 10:31:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 08:01:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.14 21:49:17 | 000,000,000 | ---D | M] [2009.09.27 14:30:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Extensions [2011.04.04 22:03:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions [2009.10.02 16:11:33 | 000,000,000 | -H-D | M] (Microsoft .NET Framework 
Assistant) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.25 19:01:51 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.04.04 22:03:39 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.18 18:09:45 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-1.xml [2011.03.06 14:23:31 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-2.xml [2011.03.24 22:52:11 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-3.xml [2011.03.24 22:54:26 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-4.xml [2011.04.30 08:01:58 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-5.xml [2011.02.20 12:21:20 | 000,000,168 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.gif [2011.02.20 12:21:20 | 000,000,618 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.src [2010.12.10 18:27:31 | 000,001,069 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.xml [2009.12.26 14:27:06 | 000,003,915 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\sweetim.xml [2011.03.24 22:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program 
Files\mozilla firefox\extensions File not found (No name found) -- () (No name found) -- C:\USERS\FELIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YFRSR6ER.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI [2011.04.30 08:01:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\MskAPBho.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) 
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cm106Sound] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) 
O4 - HKLM..\Run: [TQ566808] File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ICQ] File not found O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.09.10 15:03:44 | 000,310,952 | R--- | M] (Samsung Computer) - E:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2006.12.08 11:35:26 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell - "" = AutoRun O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell\AutoRun\command - "" = F:\iStudio.exe O33 - MountPoints2\{ceab42b2-9ea5-11de-8186-806e6f6e6963}\Shell - "" = AutoRun O33 - 
MountPoints2\{ceab42b2-9ea5-11de-8186-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.09.10 15:03:44 | 000,310,952 | R--- | M] (Samsung Computer) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.05.22 13:25:58 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes [2011.05.22 13:25:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.22 13:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.22 13:25:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.05.22 13:25:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.22 13:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\SUPERAntiSpyware.com [2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.05.22 11:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.05.22 11:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.05.22 10:29:45 | 000,000,000 | -H-D | C] -- C:\Samsung [2011.05.22 10:27:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\NetsyncAgent [2011.05.22 10:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011.05.22 10:19:46 | 000,034,216 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys [2011.05.22 10:19:43 | 000,213,640 | ---- | C] (McAfee, Inc.) 
-- C:\Windows\System32\drivers\mfehidk.sys [2011.05.22 10:19:43 | 000,079,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2011.05.22 10:19:43 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys [2011.05.22 10:19:43 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2011.05.22 10:19:32 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2011.05.22 10:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2011.05.22 10:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2011.05.22 10:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee [2011.05.22 02:38:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch [2011.05.22 02:33:02 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery [2011.05.15 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [2011.05.14 21:52:40 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Local\DDMSettings [2011.05.14 21:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.05.14 21:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.05.14 10:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.05.14 10:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.05.14 10:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.05.14 09:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2006.11.24 08:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006.11.24 08:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll ========== Files - Modified Within 30 Days ========== [2011.05.22 13:41:55 | 000,005,415 | ---- | M] () -- C:\Windows\System32\Config.MPF 
[2011.05.22 13:40:17 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.22 13:40:17 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.22 13:40:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.22 13:40:09 | 3184,115,712 | -HS- | M] () -- C:\hiberfil.sys [2011.05.22 13:39:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.05.22 13:15:16 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44687096r [2011.05.22 13:15:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44687096 [2011.05.22 13:14:59 | 000,000,344 | -H-- | M] () -- C:\ProgramData\44687096 [2011.05.22 10:39:57 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job [2011.05.22 10:39:57 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\McQcTask.job [2011.05.22 10:37:10 | 000,007,588 | ---- | M] () -- C:\Windows\HotFixList.ini [2011.05.22 02:47:39 | 000,000,392 | -H-- | M] () -- C:\ProgramData\42983160 [2011.05.22 02:45:19 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~42983160 [2011.05.22 02:33:02 | 000,000,595 | -H-- | M] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk [2011.05.22 02:33:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~42983160r [2011.05.16 07:11:59 | 000,391,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.05.14 15:24:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.14 15:24:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.14 15:24:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.14 15:24:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.06 01:36:04 | 000,267,177 | -H-- | M] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg [2011.05.06 01:31:51 | 001,023,515 | -H-- | M] () -- 
C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg [2011.04.22 22:31:15 | 000,078,848 | -H-- | M] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2011.05.22 13:15:16 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~44687096r [2011.05.22 13:15:16 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~44687096 [2011.05.22 13:14:59 | 000,000,344 | -H-- | C] () -- C:\ProgramData\44687096 [2011.05.22 10:26:00 | 000,005,415 | ---- | C] () -- C:\Windows\System32\Config.MPF [2011.05.22 10:15:03 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job [2011.05.22 10:14:56 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\McQcTask.job [2011.05.22 02:33:02 | 000,000,595 | -H-- | C] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk [2011.05.22 02:33:02 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~42983160r [2011.05.22 02:33:02 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~42983160 [2011.05.22 02:32:47 | 000,000,392 | -H-- | C] () -- C:\ProgramData\42983160 [2011.05.06 01:36:04 | 000,267,177 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg [2011.05.06 01:31:51 | 001,023,515 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg [2011.01.08 23:39:47 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2011.01.08 11:39:56 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll [2011.01.08 11:39:45 | 000,000,270 | ---- | C] () -- C:\Windows\Cm106.ini.cfl [2011.01.08 11:39:42 | 000,544,768 | R--- | C] () -- C:\Windows\System32\Cmeau106.exe [2011.01.08 11:38:10 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg [2011.01.08 11:38:10 | 000,000,951 | ---- | C] () -- C:\Windows\Cm106.ini.imi [2011.01.07 19:19:53 | 000,299,008 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll [2010.12.19 20:19:24 | 000,283,648 | ---- | C] () -- C:\Windows\unin0407.exe [2010.06.16 19:00:36 | 000,000,616 | ---- | 
C] () -- C:\Windows\eReg.dat [2009.10.08 17:54:06 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.10.08 17:54:06 | 000,022,328 | -H-- | C] () -- C:\Users\Felix\AppData\Roaming\PnkBstrK.sys [2009.10.08 17:53:49 | 000,233,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.10.08 17:53:48 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.09.28 17:00:04 | 000,000,491 | ---- | C] () -- C:\Windows\System32\config.ini [2009.09.28 01:15:25 | 000,078,848 | -H-- | C] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.27 15:02:01 | 000,055,317 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.07.11 09:54:36 | 000,311,296 | ---- | C] () -- C:\Windows\System32\Rezip.exe [2009.04.17 20:04:47 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009.04.17 05:34:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.04.17 05:29:10 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2009.04.17 04:51:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.04.17 04:51:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.04.17 04:22:32 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2009.04.17 04:22:32 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2009.04.17 04:17:24 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2009.04.17 04:17:24 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2009.04.17 04:17:09 | 000,007,588 | ---- | C] () -- C:\Windows\HotFixList.ini [2009.04.17 02:50:13 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.04.17 02:50:13 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.04.17 02:50:13 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.04.17 02:50:13 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.04.17 02:33:51 | 
001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009.04.17 02:33:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009.04.17 02:33:38 | 000,181,944 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.04.17 02:33:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009.04.17 02:33:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2009.04.07 12:43:00 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN [2009.04.07 12:43:00 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN [2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJXFSC.BIN [2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN [2009.04.07 12:43:00 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN [2009.04.07 12:43:00 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN [2009.04.07 12:43:00 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN [2009.04.02 17:23:42 | 000,000,518 | R--- | C] () -- C:\Windows\cm106.ini [2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat [2007.02.15 10:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006.11.29 11:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe [2006.11.29 11:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,391,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,070 | 
---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.10.09 04:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll < End of report > |
23.05.2011, 12:55 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space Quote:
Please run a full scan with Malwarebytes as a matter of routine and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
__________________ |
23.05.2011, 21:57 | #3 |
| Trojan, critical error and no disk space Hey, thanks for the quick reply.
First a question: a buddy of mine said that you can never get rid of trojans completely, because some of them can't be found at all since they're supposedly in some "win... files" or something... is that right? Because otherwise I'll just wipe everything and install it all again... So here is a scan run from yesterday.
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Datenbank Version: 6639
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
22.05.2011 15:59:54
mbam-log-2011-05-22 (15-59-54).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 307614
Laufzeit: 1 Stunde(n), 23 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Felix\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\20KJ7RRM\files_load1[1].exe (Trojan.FakeMS.Gen) -> Quarantined and deleted successfully.
And another one from today after an update:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Datenbank Version: 6657
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
23.05.2011 22:52:14
mbam-log-2011-05-23 (22-52-14).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 303353
Laufzeit: 57 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
24.05.2011, 11:22 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space Quote:
So now uninstall either McAfee or AntiVir. While you are at it, please also uninstall every toolbar. If you like, also uninstall any software that you definitely no longer need or want.
__________________ Please always post log files in CODE tags |
25.05.2011, 06:36 | #5 |
| Trojan, critical error and no disk space Hey, yeah, I know that 2 is dumb. I installed McAfee in a panic reaction on Sunday and took it off again Monday evening. Here are both complete scans again after an update:
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
Generated 05/24/2011 at 11:30 PM
Application Version : 4.52.1000
Core Rules Database Version : 7132
Trace Rules Database Version: 4944
Scan type : Complete Scan
Total Scan Time : 01:36:37
Memory items scanned : 652
Memory threats detected : 0
Registry items scanned : 7306
Registry threats detected : 0
File items scanned : 164096
File threats detected : 7
Adware.Tracking Cookie
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@cdn.at.atwola[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@at.atwola[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@ar.atwola[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@advertising[2].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@tacoda.at.atwola[1].txt
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Cookies\felix@atwola[1].txt
games.adultswim.com [ C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UEJX25T4 ]
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6667
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
25.05.2011 01:18:27
mbam-log-2011-05-25 (01-18-27).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 303416
Laufzeit: 1 Stunde(n), 0 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
25.05.2011, 10:01 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space Please create a fresh log with OTL and post it: CustomScan with OTL. If you don't have it yet, please download OTL by OldTimer and save it to your desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ --> Trojan, critical error and no disk space |
25.05.2011, 18:00 | #7 |
| Trojan, critical error and no disk space OTL Logfile: Code:
OTL logfile created on: 25.05.2011 18:45:36 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Felix\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 226,76 Gb Total Space | 132,66 Gb Free Space | 58,50% Space Free | Partition Type: NTFS Drive D: | 226,00 Gb Total Space | 224,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe () PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Windows\System32\Rezip.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Windows\System32\lpksetup.exe (Microsoft Corporation) PRC - C:\Windows\System32\lpremove.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Rezip) -- C:\Windows\System32\Rezip.exe () SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (USBMULCD) -- C:\Windows\System32\drivers\CM106.sys (C-Media Electronics Inc) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.) 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.14 21:49:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.14 21:49:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 08:01:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.14 21:49:17 | 000,000,000 | ---D | M] [2009.09.27 14:30:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Extensions [2011.04.04 22:03:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions [2009.10.02 16:11:33 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.25 19:01:51 | 000,000,000 | 
-H-D | M] ("ICQ Toolbar") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.04.04 22:03:39 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\yfrsr6er.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.25 18:40:07 | 000,000,950 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-1.xml [2011.03.06 14:23:31 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-2.xml [2011.03.24 22:52:11 | 000,000,961 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-3.xml [2011.03.24 22:54:26 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-4.xml [2011.04.30 08:01:58 | 000,000,950 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin-5.xml [2011.02.20 12:21:20 | 000,000,168 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.gif [2011.02.20 12:21:20 | 000,000,618 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.src [2010.12.10 18:27:31 | 000,001,069 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\icqplugin.xml [2009.12.26 14:27:06 | 000,003,915 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\yfrsr6er.default\searchplugins\sweetim.xml [2011.03.24 22:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions File not found (No name found) -- () (No name found) -- 
C:\USERS\FELIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YFRSR6ER.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI [2011.04.30 08:01:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cm106Sound] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TQ566808] File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ICQ] File not found O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell - "" = AutoRun O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell\AutoRun\command - "" = F:\iStudio.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - 
Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: 
System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall 
%SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 
IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.05.22 13:25:58 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes [2011.05.22 13:25:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.22 13:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.22 13:25:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.05.22 13:25:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.22 13:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Roaming\SUPERAntiSpyware.com [2011.05.22 11:11:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.05.22 11:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.05.22 11:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.05.22 10:29:45 | 000,000,000 | -H-D | C] -- C:\Samsung [2011.05.22 10:27:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\NetsyncAgent [2011.05.22 02:38:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch [2011.05.22 02:33:02 | 000,000,000 | -H-D | C] -- 
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery [2011.05.15 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games [2011.05.14 21:52:40 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData\Local\DDMSettings [2011.05.14 21:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.05.14 21:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.05.14 10:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.05.14 10:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.05.14 10:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.05.14 09:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2006.11.24 08:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006.11.24 08:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll ========== Files - Modified Within 30 Days ========== [2011.05.25 18:30:18 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.25 18:30:18 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.25 18:30:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.25 18:30:13 | 3184,115,712 | -HS- | M] () -- C:\hiberfil.sys [2011.05.25 07:37:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.05.22 13:15:16 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44687096r [2011.05.22 13:15:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44687096 [2011.05.22 13:14:59 | 000,000,344 | -H-- | M] () -- C:\ProgramData\44687096 [2011.05.22 10:37:10 | 000,007,588 | ---- | M] () -- C:\Windows\HotFixList.ini [2011.05.22 02:47:39 | 000,000,392 | -H-- | M] () -- 
C:\ProgramData\42983160 [2011.05.22 02:45:19 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~42983160 [2011.05.22 02:33:02 | 000,000,595 | -H-- | M] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk [2011.05.22 02:33:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~42983160r [2011.05.16 07:11:59 | 000,391,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.05.14 15:24:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.14 15:24:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.14 15:24:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.14 15:24:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.06 01:36:04 | 000,267,177 | -H-- | M] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg [2011.05.06 01:31:51 | 001,023,515 | -H-- | M] () -- C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg ========== Files Created - No Company Name ========== [2011.05.22 13:15:16 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~44687096r [2011.05.22 13:15:16 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~44687096 [2011.05.22 13:14:59 | 000,000,344 | -H-- | C] () -- C:\ProgramData\44687096 [2011.05.22 02:33:02 | 000,000,595 | -H-- | C] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk [2011.05.22 02:33:02 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~42983160r [2011.05.22 02:33:02 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~42983160 [2011.05.22 02:32:47 | 000,000,392 | -H-- | C] () -- C:\ProgramData\42983160 [2011.05.06 01:36:04 | 000,267,177 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden_panettiere_56-wallpaper-1600x900.jpg [2011.05.06 01:31:51 | 001,023,515 | -H-- | C] () -- C:\Users\Felix\Desktop\hayden-panettiere-sexy_1600x900_1877.jpg [2011.01.08 23:39:47 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2011.01.08 11:39:56 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll [2011.01.08 11:39:45 | 
000,000,270 | ---- | C] () -- C:\Windows\Cm106.ini.cfl [2011.01.08 11:39:42 | 000,544,768 | R--- | C] () -- C:\Windows\System32\Cmeau106.exe [2011.01.08 11:38:10 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg [2011.01.08 11:38:10 | 000,000,951 | ---- | C] () -- C:\Windows\Cm106.ini.imi [2011.01.07 19:19:53 | 000,299,008 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll [2010.12.19 20:19:24 | 000,283,648 | ---- | C] () -- C:\Windows\unin0407.exe [2010.06.16 19:00:36 | 000,000,616 | ---- | C] () -- C:\Windows\eReg.dat [2009.10.08 17:54:06 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.10.08 17:54:06 | 000,022,328 | -H-- | C] () -- C:\Users\Felix\AppData\Roaming\PnkBstrK.sys [2009.10.08 17:53:49 | 000,233,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.10.08 17:53:48 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.09.28 17:00:04 | 000,000,491 | ---- | C] () -- C:\Windows\System32\config.ini [2009.09.28 01:15:25 | 000,078,848 | -H-- | C] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.27 15:02:01 | 000,055,317 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.07.11 09:54:36 | 000,311,296 | ---- | C] () -- C:\Windows\System32\Rezip.exe [2009.04.17 20:04:47 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009.04.17 05:34:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.04.17 05:29:10 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2009.04.17 04:51:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.04.17 04:51:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.04.17 04:22:32 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2009.04.17 04:22:32 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2009.04.17 04:17:24 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2009.04.17 04:17:24 | 
000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2009.04.17 04:17:09 | 000,007,588 | ---- | C] () -- C:\Windows\HotFixList.ini [2009.04.17 02:50:13 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.04.17 02:50:13 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.04.17 02:50:13 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.04.17 02:50:13 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.04.17 02:33:51 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009.04.17 02:33:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009.04.17 02:33:38 | 000,181,944 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.04.17 02:33:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009.04.17 02:33:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2009.04.07 12:43:00 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN [2009.04.07 12:43:00 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN [2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJXFSC.BIN [2009.04.07 12:43:00 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN [2009.04.07 12:43:00 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN [2009.04.07 12:43:00 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN [2009.04.07 12:43:00 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN [2009.04.02 17:23:42 | 000,000,518 | R--- | C] () -- C:\Windows\cm106.ini [2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat [2007.02.15 10:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006.11.29 11:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe [2006.11.29 11:00:28 | 000,307,200 | ---- | C] 
() -- C:\Windows\System32\LDBGenWizView.dll [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,391,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.10.09 04:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll ========== LOP Check ========== [2011.04.04 22:03:38 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers [2011.05.21 21:39:20 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\ICQ [2010.01.03 19:18:53 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Leadertech [2010.06.12 18:12:30 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\LolClient [2010.10.31 14:44:21 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\OpenOffice.org [2010.01.09 22:19:36 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\TS3Client [2011.05.25 07:37:47 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < 
%ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.06.12 17:53:34 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Adobe [2011.02.05 12:04:08 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Apple Computer [2009.09.23 19:13:04 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\ATI [2011.05.14 21:49:03 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\DivX [2011.03.06 21:35:10 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\dvdcss [2011.04.04 22:03:38 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers [2009.09.27 14:28:13 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Google [2011.05.21 21:39:20 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\ICQ [2009.09.23 19:12:12 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Identities [2011.01.01 18:36:50 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Intelli-studio [2010.01.03 19:18:53 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Leadertech [2010.06.12 18:12:30 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\LolClient [2009.09.27 14:46:18 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Macromedia [2011.05.22 13:25:58 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Media Center Programs [2011.04.22 09:40:37 | 000,000,000 | --SD | M] -- C:\Users\Felix\AppData\Roaming\Microsoft [2009.09.27 14:30:07 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla [2010.10.31 14:44:21 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\OpenOffice.org [2011.05.22 11:11:48 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\SUPERAntiSpyware.com [2010.09.25 18:29:45 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\teamspeak2 [2010.01.09 22:19:36 | 000,000,000 | -H-D | M] 
-- C:\Users\Felix\AppData\Roaming\TS3Client [2011.05.14 21:33:11 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\vlc [2010.04.09 19:03:57 | 000,000,000 | -H-D | M] -- C:\Users\Felix\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.06.12 17:53:02 | 000,038,208 | -H-- | M] () -- C:\Users\Felix\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe < %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > |
25.05.2011, 21:21 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space

Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
O4 - HKLM..\Run: [TQ566808] File not found
O4 - HKCU..\Run: [ICQ] File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell - "" = AutoRun
O33 - MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\Shell\AutoRun\command - "" = F:\iStudio.exe
[2011.05.22 13:15:16 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~44687096r
[2011.05.22 13:15:16 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~44687096
[2011.05.22 13:14:59 | 000,000,344 | -H-- | M] () -- C:\ProgramData\44687096
[2011.05.22 02:47:39 | 000,000,392 | -H-- | M] () -- C:\ProgramData\42983160
[2011.05.22 02:45:19 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~42983160
[2011.05.22 02:33:02 | 000,000,595 | -H-- | M] () -- C:\Users\Felix\Desktop\Windows Vista Recovery.lnk
[2011.05.22 02:33:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~42983160r
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
__________________ Please always post log files in CODE tags |
25.05.2011, 22:04 | #9 |
| Trojan, critical error and no disk space
========== OTL ==========
Error: Unable to stop service Rezip!
Service Rezip deleted successfully!
C:\Windows\System32\Rezip.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TQ566808 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
File F:\iStudio.exe not found.
C:\ProgramData\~44687096r moved successfully.
C:\ProgramData\~44687096 moved successfully.
C:\ProgramData\44687096 moved successfully.
C:\ProgramData\42983160 moved successfully.
C:\ProgramData\~42983160 moved successfully.
C:\Users\Felix\Desktop\Windows Vista Recovery.lnk moved successfully.
C:\ProgramData\~42983160r moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.22.3 log created on 05252011_230106 |
25.05.2011, 22:06 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space That is my script itself, not the output that is generated when you apply this script
__________________ Please always post log files in CODE tags |
25.05.2011, 22:08 | #11 |
| Trojan, critical error and no disk space I changed it again |
26.05.2011, 06:31 | #12 |
| Trojan, critical error and no disk space
========== OTL ==========
Error: Unable to stop service Rezip!
Service Rezip deleted successfully!
C:\Windows\System32\Rezip.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TQ566808 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
File F:\iStudio.exe not found.
C:\ProgramData\~44687096r moved successfully.
C:\ProgramData\~44687096 moved successfully.
C:\ProgramData\44687096 moved successfully.
C:\ProgramData\42983160 moved successfully.
C:\ProgramData\~42983160 moved successfully.
C:\Users\Felix\Desktop\Windows Vista Recovery.lnk moved successfully.
C:\ProgramData\~42983160r moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.22.3 log created on 05252011_230106 |
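To read a fix log like the one above systematically, the following added example (not part of the thread and not OTL's own code) classifies each result line by object type and outcome and lists the entries that did not complete cleanly. The line patterns and the names `Action`, `classify`, `parse_fix_log`, `summarise` and `needs_followup` are assumptions derived only from the log lines shown on this page.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Sample input: the fix log posted in this thread, copied line by line.
SAMPLE_LOG = r"""========== OTL ==========
Error: Unable to stop service Rezip!
Service Rezip deleted successfully!
C:\Windows\System32\Rezip.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TQ566808 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7809f72d-8684-11df-9cb7-0024540c3527}\ not found.
File F:\iStudio.exe not found.
C:\ProgramData\~44687096r moved successfully.
C:\ProgramData\~44687096 moved successfully.
C:\ProgramData\44687096 moved successfully.
C:\ProgramData\42983160 moved successfully.
C:\ProgramData\~42983160 moved successfully.
C:\Users\Felix\Desktop\Windows Vista Recovery.lnk moved successfully.
C:\ProgramData\~42983160r moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.22.3 log created on 05252011_230106"""


@dataclass
class Action:
    kind: str     # service, file, registry value, registry key, hosts file, error
    target: str   # the object the line refers to
    outcome: str  # moved, deleted, set, reset, not_found, error


# Outcome phrases as they appear in the log above (assumed from this page,
# not taken from any OTL format specification).
OUTCOME = re.compile(r"\b(?:(moved|deleted|reset|set) successfully|not found)[.!]?$")
PREFIXES = (("Service ", "service"), ("Registry value ", "registry value"),
            ("Registry key ", "registry key"), ("File ", "file"))


def classify(line):
    """Return an Action for one result line, or None for banners and footers."""
    line = line.strip()
    if line.startswith("Error:"):
        return Action("error", line[len("Error:"):].strip(), "error")
    m = OUTCOME.search(line)
    if not m:
        return None
    outcome = m.group(1) or "not_found"
    rest = line[:m.start()].strip()
    for prefix, kind in PREFIXES:
        if rest.startswith(prefix):
            return Action(kind, rest[len(prefix):], outcome)
    if rest.startswith("HKEY_"):
        # "<key>\\<name>|DWORD:1 /E : value set successfully!"
        target = rest[:-len(" : value")] if rest.endswith(" : value") else rest
        return Action("registry value", target, outcome)
    if re.match(r"[A-Za-z]:\\", rest):
        return Action("file", rest, outcome)
    if rest == "HOSTS file":
        return Action("hosts file", rest, outcome)
    return Action("other", rest, outcome)


def parse_fix_log(text):
    """Classify every line of a fix log and drop the unclassifiable ones."""
    return [a for a in map(classify, text.splitlines()) if a is not None]


def summarise(actions):
    """Count actions per outcome."""
    return Counter(a.outcome for a in actions)


def needs_followup(actions):
    """Entries that failed or whose target was absent when the fix ran."""
    return [a for a in actions if a.outcome in ("error", "not_found")]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(dict(summarise(parsed)))
    for a in needs_followup(parsed):
        print(f"check: [{a.kind}] {a.target} ({a.outcome})")
```
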
26.05.2011, 09:51 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan, critical error and no disk space

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

If the infection prevents you from accessing your documents/My Documents, please run unhide: Download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This may take a while.) Vista and 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
26.05.2011, 21:08 | #14 |
| Trojan, critical error and no storage space
2011/05/26 22:08:08.0723 4880 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/26 22:08:09.0176 4880 ================================================================================
2011/05/26 22:08:09.0176 4880 SystemInfo:
2011/05/26 22:08:09.0176 4880
2011/05/26 22:08:09.0176 4880 OS Version: 6.0.6001 ServicePack: 1.0
2011/05/26 22:08:09.0176 4880 Product type: Workstation
2011/05/26 22:08:09.0176 4880 ComputerName: FELIX-PC
2011/05/26 22:08:09.0176 4880 UserName: Felix
2011/05/26 22:08:09.0176 4880 Windows directory: C:\Windows
2011/05/26 22:08:09.0176 4880 System windows directory: C:\Windows
2011/05/26 22:08:09.0176 4880 Processor architecture: Intel x86
2011/05/26 22:08:09.0176 4880 Number of processors: 2
2011/05/26 22:08:09.0176 4880 Page size: 0x1000
2011/05/26 22:08:09.0176 4880 Boot type: Normal boot
2011/05/26 22:08:09.0176 4880 ================================================================================
2011/05/26 22:08:09.0466 4880 Initialize success
2011/05/26 22:08:12.0793 4188 ================================================================================
2011/05/26 22:08:12.0793 4188 Scan started
2011/05/26 22:08:12.0793 4188 Mode: Manual;
2011/05/26 22:08:12.0793 4188 ================================================================================
2011/05/26 22:08:22.0832 4188 ================================================================================
2011/05/26 22:08:22.0832 4188 Scan finished
2011/05/26 22:08:22.0832 4188 ================================================================================
2011/05/26 22:08:22.0841 5060 Detected object count: 0
2011/05/26 22:08:22.0841 5060 Actual detected object count: 0 |
26.05.2011, 21:09 | #15 |
| Trojan, critical error and no storage space The icons are back too, I used unhide... |