Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   TR/Kazy.mekml.1 mich hats auch erwischt (https://www.trojaner-board.de/98394-tr-kazy-mekml-1-mich-hats-erwischt.html)

lordnuke 28.04.2011 13:31
TR/Kazy.mekml.1 mich hats auch erwischt
 
Mich hats leider auch erwischt
- Desktop schwaz
- Verknüpfungen und daten "weg"
- Fakefehlermeldung

Extras.TXT vom OTL

OTL Logfile:
Code:
OTL Extras logfile created on: 28.04.2011 14:22:19 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Melanie\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,17 Gb Total Space | 417,76 Gb Free Space | 72,51% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 3,26 Gb Free Space | 16,28% Space Free | Partition Type: FAT32
Drive F: | 931,28 Gb Total Space | 925,00 Gb Free Space | 99,32% Space Free | Partition Type: FAT32
 
Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FAF101A8-4D55-49B2-9695-F968C584A431}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17DCF6CB-08D4-4352-B031-59CDC2E39FA7}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{2052B0F6-C320-4A51-A7DC-5F76664D67F7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{228F83F3-DFDE-48AE-B230-1540D92CCE70}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{2F2BA981-6AB0-437B-82E8-638BD96701C1}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{327491AB-DCE3-4AC6-9FED-1A075460CFCA}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{40BC69D8-8FB2-43C8-B822-BC67FCBB931B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{41A13FD6-1A0D-4611-B670-CA5B33EE7D8F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4A3E4347-2D81-49F4-BD52-8EE1B91FF519}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4CBDCE48-220A-4AC1-A9DF-08DB8ADC463E}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{4F8724F1-9403-47AF-B46C-DA8460B359BB}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{503A5A49-6B51-4EAF-8606-9198C6FECD41}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5A6DD73B-AE92-436E-9213-94C570BFB29B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6794FD54-A4B2-430F-BE8D-563D1D5DF3A5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6B7010AC-7729-439F-845A-67B747B80084}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{77735337-3871-4E2A-B5AF-AAB5E766F35D}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{7F3F4A8D-33A9-4ADC-BE32-1BE99419E8EC}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{8293129F-EE95-41FB-8E9D-E28C68B9F1A1}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{888E0D64-B183-4FA5-82BA-0F26D41D1A51}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{937A2086-0A5A-473D-A0F9-1963CADB181B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9F75EBBE-9CBF-49C0-B3BF-9FD2A3536C25}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{ABCA4D38-212D-4D93-BA02-53EDF5579260}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{AEE3C337-5B4E-4914-BDCA-7B940E4D142B}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{B6D77873-69F2-44E3-9A84-7A3D91C9AF40}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{BA474D20-BF06-4AB8-ADE6-458A83572FA9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C12E8AED-4005-49CB-BDA5-07CC4718F807}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{C8E59C92-380E-4246-B473-15A6E83B44C6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CA5B3499-24F4-483E-A282-237379D499AD}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{CD2A2344-7D7B-4088-B396-26D7F2295EFD}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D042162E-93A2-4B69-A856-12E27B949CAA}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{D2CBEF93-F3B9-451F-A39F-73AB909A6C5F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D994C188-7C98-439B-87B1-47D0D9A2E011}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DFC64DEB-9876-4E4C-8043-A312A4301870}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{E05363AD-1FA7-4512-B7E9-EBE272C5698F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E6007301-5CFF-4A9E-B5DE-5C35AC9C27D0}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{E83DDC0B-02F9-4859-9939-5F91CB39A2DF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F9761D22-638F-4754-8700-64B9385B7C8E}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{2A81AC58-693C-4930-BBDB-A73B1E343AA3}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{40B231E8-2855-474D-90BF-415A883A5698}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{77FC0B2C-A904-4A7F-BB27-57459CC5222B}C:\users\melanie\downloads\quake 3 arena\quake 3 arena\quake3.exe" = protocol=6 | dir=in | app=c:\users\melanie\downloads\quake 3 arena\quake 3 arena\quake3.exe |
"UDP Query User{4DEFA010-F93B-4890-8900-9A6727E3D62C}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{6432E4BA-C8BC-4719-AC92-9C497CA9A3A8}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{88DE30F0-F99C-4013-AEE8-86DB9EE29215}C:\users\melanie\downloads\quake 3 arena\quake 3 arena\quake3.exe" = protocol=17 | dir=in | app=c:\users\melanie\downloads\quake 3 arena\quake 3 arena\quake3.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = Die Sims™ 2 Villen- und Garten-Accessoires
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8e584a1b-90d7-4add-93e0-fe4b4ac5f57f}" = Nero 9 Lite
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"Easy-Shutdown" = Easy-Shutdown 1.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Furnish Pro" = Furnish Pro
"ICQToolbar" = ICQ Toolbar
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NVIDIA Drivers" = NVIDIA Drivers
"PartyPoker" = PartyPoker
"PhotoScape" = PhotoScape
"Pixie_is1" = Pixie 1.4.1
"PunkBusterSvc" = PunkBuster Services
"TeamViewer 5" = TeamViewer 5
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"CreepSmash.com" = CreepSmash.com
"Winamp Detect" = Winamp Detector Plug-in
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---


OTL.txt vom OTL
OTL Logfile:
Code:
OTL logfile created on: 28.04.2011 14:22:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Melanie\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,17 Gb Total Space | 417,76 Gb Free Space | 72,51% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 3,26 Gb Free Space | 16,28% Space Free | Partition Type: FAT32
Drive F: | 931,28 Gb Total Space | 925,00 Gb Free Space | 99,32% Space Free | Partition Type: FAT32
 
Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Melanie\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\kmQvQcUSBfWiJhv.exe (WinTrust)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\NETGEAR\WPN311\wlancfg5.exe ()
PRC - C:\Windows\System32\attrib.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Melanie\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (athr) -- C:\Windows\System32\drivers\WPN311.sys (Atheros Communications, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "GMX Suche"
FF - prefs.js..browser.search.order.2: "WEB.DE Suche"
FF - prefs.js..browser.search.order.3: "1und1 Suche"
FF - prefs.js..browser.search.order.4: "amazon.de"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.23.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.8&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 13:50:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 13:50:34 | 000,000,000 | ---D | M]
 
[2009.10.03 12:42:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Extensions
[2011.04.28 13:18:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions
[2010.04.28 13:30:09 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.28 10:41:12 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.03.21 14:13:10 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.02 13:28:42 | 000,000,000 | -H-D | M] (Update Notifier) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010.01.29 15:14:12 | 000,000,000 | -H-D | M] (DVDVideoSoft Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.07.07 15:50:48 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\battlefieldheroespatcher@ea.com
[2011.04.23 18:24:02 | 000,000,000 | -H-D | M] ("DAEMON Tools Toolbar") -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\DTToolbar@toolbarnet.com
[2011.03.31 09:05:29 | 000,000,000 | -H-D | M] (Nero Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\i7r6xtxa.default\extensions\toolbar@ask.com
[2010.01.29 20:15:26 | 000,000,881 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\conduit.xml
[2010.06.06 12:46:11 | 000,002,059 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\daemon-search.xml
[2011.04.23 01:18:13 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-1.xml
[2010.11.09 16:48:26 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-10.xml
[2011.01.24 17:50:48 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-11.xml
[2011.03.16 09:11:58 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-12.xml
[2011.03.24 13:50:47 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-13.xml
[2011.04.01 09:28:54 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-14.xml
[2010.01.29 20:16:03 | 000,000,961 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-2.xml
[2010.02.24 19:59:33 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-3.xml
[2010.04.07 12:45:35 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-4.xml
[2010.06.06 12:55:32 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-5.xml
[2010.07.06 10:14:52 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-6.xml
[2010.08.01 14:47:19 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-7.xml
[2010.10.05 09:30:07 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-8.xml
[2010.10.28 16:23:31 | 000,000,950 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | -H-- | M] () -- C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\i7r6xtxa.default\searchplugins\icqplugin.xml
[2010.06.21 20:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.27 22:49:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.02 13:28:15 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Programme\Mozilla Firefox\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010.02.02 13:28:14 | 000,000,000 | ---D | M] (GMX Firefox Addon) -- C:\Programme\Mozilla Firefox\extensions\{C473DC2B-895F-4E11-B8BF-FF28DFD62829}
[2009.10.03 13:59:23 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.12.02 12:48:00 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.03.23 21:02:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2011.03.16 09:11:34 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.16 09:11:34 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.16 09:11:34 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.16 09:11:34 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.16 09:11:34 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [kmQvQcUSBfWiJhv] C:\ProgramData\kmQvQcUSBfWiJhv.exe (WinTrust)
O4 - Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{63b1e644-afb2-11de-9d56-dccde4ff10c9}\Shell\AutoRun\command - "" = rundll32.exe url,FileProtocolHandler library.htm
O33 - MountPoints2\{b31016e5-7159-11df-b5ad-406186022260}\Shell - "" = AutoRun
O33 - MountPoints2\{b31016e5-7159-11df-b5ad-406186022260}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.28 14:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.28 14:07:31 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.04.28 13:41:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch
[2011.04.28 13:27:18 | 000,000,000 | -H-D | C] -- C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.04.28 13:20:47 | 000,573,440 | -H-- | C] (WinTrust) -- C:\ProgramData\kmQvQcUSBfWiJhv.exe
[2011.04.28 10:43:34 | 000,000,000 | -H-D | C] -- C:\Users\Melanie\AppData\Local\Yahoo
[2011.04.28 10:41:19 | 000,000,000 | -H-D | C] -- C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserPlus
[2011.04.28 10:41:16 | 000,000,000 | -H-D | C] -- C:\Users\Melanie\AppData\Local\Yahoo!
[2011.04.28 10:40:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\Yahoo! Companion
[2011.04.28 10:40:55 | 000,000,000 | -H-D | C] -- C:\Users\Melanie\AppData\Roaming\Yahoo!
[2011.04.28 10:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011.04.28 10:40:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\Yahoo!
[2011.04.28 10:35:27 | 000,000,000 | ---D | C] -- C:\Programme\Yahoo!
[2011.04.27 11:47:58 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 11:47:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.26 12:00:48 | 000,000,000 | ---D | C] -- C:\Programme\Easy-Shutdown
[2011.04.26 12:00:45 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2011.04.14 15:37:16 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 15:37:16 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 15:37:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 15:37:12 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.14 15:37:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.14 15:37:06 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.14 15:37:05 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.14 15:37:05 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.14 15:37:05 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.14 15:37:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.14 15:37:05 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.14 15:37:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.14 15:37:05 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.14 15:37:05 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011.04.14 15:37:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.14 15:36:58 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.14 15:36:56 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.14 15:36:55 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.28 14:25:43 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.28 14:25:43 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.28 14:25:43 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.28 14:25:42 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.28 14:18:51 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 14:18:51 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 14:18:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.28 14:18:41 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.28 13:53:59 | 000,000,680 | -H-- | M] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2011.04.28 13:27:19 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~38592264
[2011.04.28 13:27:19 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~38592264r
[2011.04.28 13:27:11 | 000,000,336 | -H-- | M] () -- C:\ProgramData\38592264
[2011.04.28 13:27:07 | 000,032,061 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.28 13:27:07 | 000,032,061 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.04.28 13:20:47 | 000,573,440 | -H-- | M] (WinTrust) -- C:\ProgramData\kmQvQcUSBfWiJhv.exe
[2011.04.26 12:00:48 | 000,001,756 | -H-- | M] () -- C:\Users\Melanie\Desktop\Easy-Shutdown.lnk
[2011.04.19 17:50:33 | 000,394,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.28 13:55:15 | 3220,463,616 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.28 13:27:19 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~38592264
[2011.04.28 13:27:19 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~38592264r
[2011.04.28 13:27:11 | 000,000,336 | -H-- | C] () -- C:\ProgramData\38592264
[2011.04.26 12:00:48 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy-Shutdown.lnk
[2011.04.26 12:00:48 | 000,001,756 | -H-- | C] () -- C:\Users\Melanie\Desktop\Easy-Shutdown.lnk
[2010.07.07 16:18:47 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.07 16:18:47 | 000,138,056 | -H-- | C] () -- C:\Users\Melanie\AppData\Roaming\PnkBstrK.sys
[2010.07.07 16:18:25 | 000,215,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.07.07 16:18:23 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.07.07 16:18:23 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.10.04 15:13:34 | 000,009,216 | -H-- | C] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.04 15:07:41 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.04 15:07:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.10.03 03:01:04 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009.10.03 02:36:56 | 000,032,061 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009.10.03 02:36:55 | 000,032,061 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009.10.03 02:22:33 | 000,000,680 | -H-- | C] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.01.21 09:15:58 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,394,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
< End of report >
--- --- ---


wie gehts nun weiter ? CCL oder wie das heißt ist schon drüber gelaufen

Bericht nach Scan und löschen von 4 gefundenen Dateien

Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6463

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

28.04.2011 14:55:16
mbam-log-2011-04-28 (14-55-16).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 147733
Laufzeit: 13 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
c:\programdata\kmqvqcusbfwijhv.exe (Trojan.FakeAlert) -> 4000 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kmQvQcUSBfWiJhv (Trojan.FakeAlert) -> Value: kmQvQcUSBfWiJhv -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\kmqvqcusbfwijhv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Melanie\downloads\stressreducer.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
hoppla 2x abgeschickt

cosinus 06.05.2011 11:51
Hallo und :hallo:

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!


Danach OTL-Custom:


CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:01 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131