hallo,
hab nen virus auf meinen pc...bitte helft mir 
La_chica (41) 
|
trojanisches pferd. hilfe :(
Antworten zu trojanisches pferd. hilfe :(:
Hat dir diese Antwort geholfen?
hier der malware bericht:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6266
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
04.04.2011 11:07:07
mbam-log-2011-04-04 (11-07-07).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 173151
Laufzeit: 5 Minute(n), 24 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 8
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Not selected for removal.
c:\Users\Nicki\downloads\mywebface.exe (PUP.FunWebProducts) -> Not selected for removal.
Hat dir diese Antwort geholfen?
OTL logfile created on: 04.04.2011 11:14:47 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicki\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
11,00 Gb Paging File | 10,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 8192 8192 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 620,94 Gb Free Space | 68,12% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,94 Gb Free Space | 44,69% Space Free | Partition Type: FAT32
Computer Name: NICKI-PC | User Name: Nicki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Nicki\Downloads\OTL(3).exe (OldTimer Tools)
PRC - C:\Users\Nicki\Downloads\yahoo_firefox_4.0-rc2_setup_de.exe (Mozilla)
PRC - C:\Users\Nicki\AppData\Local\Temp\7zS8F05.tmp\setup.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\ZooskMessenger\ZooskMessenger.exe ()
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Cyberlink\Shared files\brs.exe (cyberlink)
PRC - C:\Programme\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\ModLEDKey.exe (Chicony)
PRC - C:\Windows\CNYHKey.exe (Chicony)
PRC - C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Nicki\Downloads\OTL(3).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
Hat dir diese Antwort geholfen?
========== Driver Services (SafeList) ==========
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAd Block (Bitte beachten: Unsere Regeln zu Werbeblockern!)er.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAd Block (Bitte beachten: Unsere Regeln zu Werbeblockern!)er.com and SUPERAntiSpyware.com)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\tbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 16 90 B3 3C 86 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\tbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {6226BA26-C017-4007-928C-DE9715C6FA67}:1.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {7e111a5c-3d11-4f56-9463-5310c3c69025}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={92DD173C-9CE2-7B17-952B-D325A6DB5086}&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.08 09:09:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.08 09:55:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.08 09:55:42 | 000,000,000 | ---D | M]
Hat dir diese Antwort geholfen?
[2009.05.30 18:50:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicki\AppData\Roaming\mozilla\Extensions
[2011.04.04 11:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions
[2010.08.09 12:45:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.23 11:40:35 | 000,000,000 | ---D | M] (Blingee Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{6226BA26-C017-4007-928C-DE9715C6FA67}
[2010.08.09 12:45:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.09 12:45:09 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.12.15 22:23:49 | 000,000,000 | ---D | M] (Freeware.de Community Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}
[2010.09.19 10:08:32 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.07.25 09:02:45 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.31 01:20:30 | 000,000,000 | ---D | M] (My Tattoons (Fast Browser Search)) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010.07.30 20:41:40 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.12.15 22:23:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Nicki\AppData\Roaming\mozilla\Firefox\Profiles\147mpres.default\extensions\[email protected]
[2009.07.27 20:27:47 | 000,000,681 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\ask.xml
[2009.10.27 15:30:46 | 000,002,171 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\bing.xml
[2009.08.31 01:20:32 | 000,005,407 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\fast-browser-search.xml
[2011.04.01 23:43:45 | 000,000,944 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\icqplugin.xml
[2010.01.13 19:03:55 | 000,002,149 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\MyStart Search.xml
[2011.04.01 11:23:43 | 000,005,401 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\147mpres.default\searchplugins\searchcanvas.xml
[2009.05.30 18:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.03.08 09:09:02 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2007.12.17 19:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npkimi.dll
[2010.09.18 11:56:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.18 11:56:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.09.01 14:48:57 | 000,003,700 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fast.png
[2009.09.01 14:48:56 | 000,001,963 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fast.xml
[2010.09.18 11:56:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.18 11:56:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.18 11:56:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.05.07 17:51:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\tbFree.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Programme\Freeware.de\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BDRegion] C:\Programme\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ledpointer] C:\Windows\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MoLed] C:\Windows\ModLEDKey.exe (Chicony)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Programme\ZooskMessenger\ZooskMessenger.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nicki\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nicki\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wecker-Alarm - {7B499570-29C5-4a80-9F57-94A420D140CE} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Nach Wecker für Windows exportieren - {7B499570-29C5-4a80-9F57-94A420D140CE} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Programme\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Nicki\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nicki\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAd Block (Bitte beachten: Unsere Regeln zu Werbeblockern!)er.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0c352697-2478-11e0-805c-0024210fa032}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\vAuoCey.exE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Hat dir diese Antwort geholfen?
========== Files/Folders - Created Within 30 Days ==========
[2011.04.04 10:55:41 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{EB23C91B-1B3A-4D51-A3BD-75043C91BAB8}
[2011.04.03 22:55:29 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{FF51A3B0-6B47-4414-B5EB-375EFC38A3C4}
[2011.04.03 10:55:19 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{F8C223ED-D6C0-43A0-B05D-7AB79484BBD7}
[2011.04.02 22:55:08 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{09198EB4-1A13-4ED5-9739-64D3D9270EFC}
[2011.04.02 10:54:57 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{1CE90916-4C1F-497D-BDEC-22239E24F3F1}
[2011.04.01 22:54:46 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{6D987E26-76FA-4C27-B881-FEDABB551878}
[2011.03.31 22:57:32 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{A6F9849B-0F4E-4B93-BFB5-49D6931CCAFB}
[2011.03.31 10:57:21 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{EB3C5474-5CBB-425E-9099-21A3123D0C52}
[2011.03.30 22:57:10 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{3DDE7266-12C1-41FB-BB35-BBFA5A5B5366}
[2011.03.30 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{5C31AF50-A181-42B1-8EA6-D4164F4F7EFE}
[2011.03.29 23:17:11 | 000,000,000 | ---D | C] -- C:\Users\Nicki\Desktop\fotoshooting mit manu
[2011.03.29 22:56:48 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{28BF3106-34BC-4160-AFA1-B9902B86B06A}
[2011.03.29 10:56:38 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{1BCC9810-4A03-4A0F-B8CF-D281A9558B01}
[2011.03.28 22:56:27 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{7111A266-F2A5-4DCC-A0BD-54D56DDC2270}
[2011.03.28 10:56:04 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{27AD078A-5E7C-4D54-B009-3966A6295883}
[2011.03.27 22:55:53 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{669706E6-0ADF-4FE5-B964-A19D2D8AD843}
[2011.03.27 10:55:42 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{1770047A-B933-473A-8397-AE8263F94341}
[2011.03.26 22:55:31 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{7E4C0BE6-A52C-46BE-9B6D-9BDBE2D55D61}
[2011.03.26 10:55:20 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{CD2665D9-4F8F-4AB6-8746-77CCA9DD9D22}
[2011.03.26 00:17:48 | 000,000,000 | ---D | C] -- C:\Users\Nicki\meine frisuren
[2011.03.25 22:55:09 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{04AA661B-C926-4312-9F81-A451849C12DE}
[2011.03.25 10:54:58 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{97C0FC67-610F-411B-8816-A954916F0C72}
[2011.03.24 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{E2199DE1-0E2C-481D-829A-B9E5560CD62C}
[2011.03.24 10:54:25 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{542B6A59-C89E-4922-AFE6-7AB911CCE71C}
[2011.03.23 22:54:14 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{49B4E97E-1E23-40D4-BCB5-F7DC61A99A20}
[2011.03.23 16:05:01 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.23 16:05:01 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.23 10:54:03 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{2C266604-16F7-4CFD-AA1B-1442115491D5}
[2011.03.22 22:53:52 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{0E5AAF93-A3C8-4788-B41D-E5E0DFDE7312}
[2011.03.22 10:53:42 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{F6C10386-929A-4C7C-B489-E364015E66F2}
[2011.03.21 23:24:28 | 000,000,000 | ---D | C] -- C:\Users\Nicki\Desktop\countdown pics fertig
[2011.03.21 22:53:31 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{1F01764D-DAF8-41F2-A2BD-6565A906D056}
[2011.03.21 10:53:08 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{031F17D4-19F8-4A6A-80A8-36C3378A7BAB}
[2011.03.20 22:52:57 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{7ECAAE0F-594E-4C17-9112-54AE1C03B518}
[2011.03.20 10:52:34 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{C4191F26-5A78-44BB-97A8-197A93F9EB9B}
[2011.03.19 22:52:23 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{A1EC7B5F-DF57-424D-9637-8B0D61EB06FF}
[2011.03.19 08:58:47 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{F9A6BA19-B537-44CD-8E8C-AB5FD42F11DD}
[2011.03.18 20:58:36 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{36148941-FD47-416C-9F55-EDAA560D2D6B}
[2011.03.18 08:58:25 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{AA89B330-2B0E-4EB0-884F-9EC87C5B910B}
[2011.03.17 20:58:14 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{CE64E0FF-0822-445B-9D22-CAE9CC5BA4F6}
[2011.03.17 08:58:03 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{232D9A4D-ADE9-4604-AB29-7B1A481C9228}
[2011.03.16 20:57:52 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{6ACA58C4-6DAB-41DA-A96F-153504AE6BF3}
[2011.03.16 08:57:41 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{BEA43993-A868-4296-B90A-0C0AB45208B6}
[2011.03.15 20:57:20 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{AC6A55AB-0E30-4C6A-A617-5CFC151A6391}
[2011.03.15 09:04:19 | 000,000,000 | ---D | C] -- C:\Users\Nicki\Desktop\new
[2011.03.15 08:57:09 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{D9F8C031-CCB4-4941-9DF7-06B2A430BBAA}
[2011.03.14 20:56:58 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{9C376E07-9864-4AD9-87D7-5ECDDB8105CE}
[2011.03.14 08:56:47 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{A3C38E46-1672-4B67-A11C-84AA4DF7747E}
[2011.03.14 00:31:45 | 000,000,000 | ---D | C] -- C:\Users\Nicki\Desktop\entwickeln
[2011.03.13 20:56:36 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{4E88D86E-90DB-4D47-A180-C0CBA28C60D4}
[2011.03.11 08:00:08 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{B6664CB7-C108-4F6C-9FBB-6E22D4176393}
[2011.03.10 19:59:57 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{E8F740A5-BAB2-40A6-A20A-4AE47BD2AB71}
[2011.03.10 07:59:46 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{69CF451B-B78B-4D1A-B35F-712ABCB4F09E}
[2011.03.09 19:59:35 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{270AB019-4B03-4FC3-84E6-FAF909A023DE}
[2011.03.09 17:50:57 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 17:50:56 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 17:50:56 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.09 17:50:56 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.03.09 07:59:24 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{DBFA388A-EBDD-4DCE-86F9-B75ED55B1177}
[2011.03.08 19:59:13 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{94C5B094-2AA5-4FC3-9C5A-FD095100AA7E}
[2011.03.08 13:32:26 | 000,000,000 | ---D | C] -- C:\Users\Nicki\Desktop\countdown
[2011.03.08 07:59:02 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{5845914F-37C8-4CC2-8082-D9543C42C3CB}
[2011.03.07 19:58:51 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{4846A65C-2A33-4309-A5B2-E96111929B36}
[2011.03.07 07:58:40 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{7E17942A-6FB5-4526-9137-28C9B973387D}
[2011.03.06 19:58:30 | 000,000,000 | ---D | C] -- C:\Users\Nicki\AppData\Local\{1DAB17AD-4C4F-4DB1-88B9-14B759AA6C11}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.04 11:05:58 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.04 11:05:58 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.04 11:05:58 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.04 11:05:58 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.04 11:01:47 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{79D56AA5-42EF-401D-AF9A-66E44CE88761}.job
[2011.04.04 11:00:24 | 000,000,852 | ---- | M] () -- C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2011.04.04 11:00:15 | 000,000,680 | ---- | M] () -- C:\Users\Nicki\AppData\Local\d3d9caps.dat
[2011.04.04 11:00:05 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.04 10:59:47 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.04 10:59:42 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 10:59:42 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 10:59:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.04 10:49:24 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.03 18:22:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.30 01:23:17 | 000,095,744 | ---- | M] () -- C:\Users\Nicki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.29 22:27:43 | 000,029,709 | ---- | M] () -- C:\Users\Nicki\Desktop\marienkaefermuffins-desiree.gif
[2011.03.28 22:07:57 | 000,000,000 | ---- | M] () -- C:\Users\Nicki\Desktop\Video call snapshot 5.png.part
[2011.03.28 22:07:57 | 000,000,000 | ---- | M] () -- C:\Users\Nicki\Desktop\Video call snapshot 5.png
[2011.03.28 22:07:52 | 000,000,000 | ---- | M] () -- C:\Users\Nicki\Desktop\Video call snapshot 6.png.part
[2011.03.28 10:28:39 | 000,060,797 | ---- | M] () -- C:\Users\Nicki\Desktop\23780_398282390627_774470627_4929594_5331627_n.jpg
[2011.03.25 01:57:41 | 027,838,571 | R--- | M] () -- C:\Users\Nicki\Desktop\Domian_2011-02-01.hq.mp3
[2011.03.24 14:51:27 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.03.20 20:32:00 | 000,032,768 | ---- | M] (FunWebProducts.com) -- C:\Windows\System32\f3PSSavr.scr
[2011.03.19 19:44:56 | 003,629,381 | ---- | M] () -- C:\Users\Nicki\Desktop\P1070645.JPG
[2011.03.19 19:27:44 | 002,177,081 | ---- | M] () -- C:\Users\Nicki\Desktop\P1070634.JPG
[2011.03.19 16:03:30 | 003,427,933 | ---- | M] () -- C:\Users\Nicki\Desktop\P1070633.JPG
[2011.03.19 16:02:22 | 002,816,590 | ---- | M] () -- C:\Users\Nicki\Desktop\P1070632.JPG
[2011.03.19 16:00:22 | 002,904,061 | ---- | M] () -- C:\Users\Nicki\Desktop\P1070631.JPG
[2011.03.11 01:26:11 | 001,433,728 | ---- | M] () -- C:\Users\Nicki\Desktop\YouTube - I Just Had Sex (feat. Akon).mp3
[2011.03.10 22:55:17 | 000,029,628 | ---- | M] () -- C:\Users\Nicki\Desktop\8bd43cabca932a36351925da96b29055.jpg
[2011.03.10 18:32:45 | 000,271,628 | ---- | M] () -- C:\Users\Nicki\Desktop\IMG_0059.JPG
[2011.03.10 14:42:58 | 000,025,253 | ---- | M] () -- C:\Users\Nicki\Desktop\filmrolle-3-fotos-b-228-f1.jpg
[2011.03.10 12:11:56 | 000,021,608 | ---- | M] () -- C:\Users\Nicki\Desktop\babyfotos-mainzu.jpg
[2011.03.10 12:11:49 | 000,021,608 | ---- | M] () -- C:\Users\Nicki\Desktop\babyfotos-mainz.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
Hat dir diese Antwort geholfen?
[2011.04.04 10:49:24 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.29 22:27:43 | 000,029,709 | ---- | C] () -- C:\Users\Nicki\Desktop\marienkaefermuffins-desiree.gif
[2011.03.28 22:07:57 | 000,000,000 | ---- | C] () -- C:\Users\Nicki\Desktop\Video call snapshot 5.png.part
[2011.03.28 22:07:57 | 000,000,000 | ---- | C] () -- C:\Users\Nicki\Desktop\Video call snapshot 5.png
[2011.03.28 22:07:52 | 000,000,000 | ---- | C] () -- C:\Users\Nicki\Desktop\Video call snapshot 6.png.part
[2011.03.28 10:28:38 | 000,060,797 | ---- | C] () -- C:\Users\Nicki\Desktop\23780_398282390627_774470627_4929594_5331627_n.jpg
[2011.03.25 07:47:44 | 000,271,628 | ---- | C] () -- C:\Users\Nicki\Desktop\IMG_0059.JPG
[2011.03.25 01:57:41 | 027,838,571 | R--- | C] () -- C:\Users\Nicki\Desktop\Domian_2011-02-01.hq.mp3
[2011.03.21 00:12:43 | 000,649,885 | ---- | C] () -- C:\Users\Nicki\Desktop\Köln 2 029.jpg
[2011.03.21 00:12:40 | 000,648,146 | ---- | C] () -- C:\Users\Nicki\Desktop\Köln 2 003.jpg
[2011.03.21 00:12:40 | 000,640,091 | ---- | C] () -- C:\Users\Nicki\Desktop\Köln 2 002.jpg
[2011.03.21 00:12:39 | 000,651,989 | ---- | C] () -- C:\Users\Nicki\Desktop\Köln 2 001.jpg
[2011.03.20 22:53:51 | 003,629,381 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070645.JPG
[2011.03.20 22:53:38 | 002,816,590 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070632.JPG
[2011.03.20 22:53:36 | 002,904,061 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070631.JPG
[2011.03.20 22:53:28 | 002,177,081 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070634.JPG
[2011.03.20 22:53:23 | 003,427,933 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070633.JPG
[2011.03.11 01:26:07 | 001,433,728 | ---- | C] () -- C:\Users\Nicki\Desktop\YouTube - I Just Had Sex (feat. Akon).mp3
[2011.03.10 22:55:17 | 000,029,628 | ---- | C] () -- C:\Users\Nicki\Desktop\8bd43cabca932a36351925da96b29055.jpg
[2011.03.10 14:42:58 | 000,025,253 | ---- | C] () -- C:\Users\Nicki\Desktop\filmrolle-3-fotos-b-228-f1.jpg
[2011.03.10 12:11:56 | 000,021,608 | ---- | C] () -- C:\Users\Nicki\Desktop\babyfotos-mainzu.jpg
[2011.03.10 12:11:49 | 000,021,608 | ---- | C] () -- C:\Users\Nicki\Desktop\babyfotos-mainz.jpg
[2011.03.07 12:49:07 | 002,286,995 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070316.JPG
[2011.03.07 12:49:04 | 002,420,214 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070314.JPG
[2011.03.07 12:48:46 | 002,426,606 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070301.JPG
[2011.03.07 12:48:45 | 002,264,054 | ---- | C] () -- C:\Users\Nicki\Desktop\P1070302.JPG
[2011.03.07 12:46:28 | 003,535,760 | ---- | C] () -- C:\Users\Nicki\P1070259.JPG
[2011.03.06 19:54:54 | 000,000,680 | ---- | C] () -- C:\Users\Nicki\AppData\Local\d3d9caps.dat
[2011.02.10 04:04:23 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.07.27 00:03:44 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.05.31 00:12:09 | 000,138,416 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.05.31 00:12:00 | 000,270,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.05.31 00:11:54 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.05.22 00:15:28 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.05.07 17:31:48 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.05.07 17:31:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.05.07 17:31:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.05.07 17:31:48 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.05.07 17:31:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.04.21 22:51:10 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.04.11 16:22:03 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010.04.01 09:56:37 | 000,106,436 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.03.16 22:45:21 | 000,000,000 | ---- | C] () -- C:\Users\Nicki\AppData\Roaming\wklnhst.dat
[2010.03.15 20:12:07 | 000,004,544 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2010.03.15 20:12:07 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\58B397C290.sys
[2010.01.31 00:54:32 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.01.08 18:43:14 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010.01.08 18:43:14 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010.01.04 01:20:51 | 000,000,769 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2010.01.04 01:20:47 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.ini
[2009.06.11 20:37:27 | 000,095,744 | ---- | C] () -- C:\Users\Nicki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.30 19:16:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.05.30 19:16:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.28 21:01:47 | 000,049,152 | ---- | C] () -- C:\Windows\CNYUSB.dll
[2009.05.28 21:01:47 | 000,005,120 | ---- | C] () -- C:\Windows\HKCYDLL.dll
[2009.05.28 21:01:47 | 000,000,360 | ---- | C] () -- C:\Windows\CNYHKey.ini
[2009.04.02 15:28:23 | 000,000,030 | R--- | C] () -- C:\Windows\System32\drivers\version.dat
[2009.03.26 02:13:21 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.03.26 02:13:21 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.03.26 02:13:21 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.03.26 02:13:21 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.03.25 18:07:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,327,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2010.12.15 22:18:42 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Ashampoo Cover Studio 2
[2010.03.03 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\com.deepblue.vf360facebookconnect.7BF95FD95635E7CB2A0C1D1B78D6360D007A443E.1
[2011.02.26 00:50:34 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010.07.30 20:45:39 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.07 14:49:46 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Facebook
[2010.12.15 22:23:58 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\GetRightToGo
[2010.06.07 23:17:56 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\ICQ
[2010.07.23 11:38:45 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\IN-MEDIAKG
[2011.01.24 12:42:46 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\LolClient
[2010.07.24 11:57:29 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\mresreg
[2010.05.10 12:51:41 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Online Solutions
[2010.05.19 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\SecondLife
[2010.05.22 00:15:36 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Silverback Productions
[2010.07.27 12:09:48 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Sony
[2010.05.19 03:11:25 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\SumatraPDF
[2011.02.08 20:52:49 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Trillian
[2010.12.13 17:16:44 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\TuneUp Software
[2011.02.08 20:52:42 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\TuneUpMedia
[2009.10.06 22:27:40 | 000,000,000 | ---D | M] -- C:\Users\Nicki\AppData\Roaming\Windows Live Writer
[2011.04.04 10:57:18 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.04 11:01:47 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{79D56AA5-42EF-401D-AF9A-66E44CE88761}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Hat dir diese Antwort geholfen?
hier OTL EXTRA
OTL Extras logfile created on: 04.04.2011 11:14:47 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicki\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
11,00 Gb Paging File | 10,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 8192 8192 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 620,94 Gb Free Space | 68,12% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,94 Gb Free Space | 44,69% Space Free | Partition Type: FAT32
Computer Name: NICKI-PC | User Name: Nicki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
Hat dir diese Antwort geholfen?
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0368209A-4EE7-496D-8A91-EE8748802534}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0B4977B6-7973-4DE6-8234-B46A20AB7EBF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{11CA77E7-F1FD-40C5-A32F-582FA4559D2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{18A0DE4C-5881-4499-B025-16C71FAB412F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2035D12A-EC8B-4DAC-BD35-B2523A6176E2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54DE8893-818D-440B-9340-E75791CA40D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65DBA05A-C14E-457C-930F-EA877D05A607}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C665A3C-4F1A-428F-8604-722B8F66DE39}" = lport=445 | protocol=6 | dir=in | app=system |
"{73FB5879-D59C-43C7-B5BD-DF8D0408D135}" = rport=138 | protocol=17 | dir=out | app=system |
"{7769D438-BE53-49CF-8E7C-78227EC66F18}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{78A29DFB-E7DB-4BCC-B401-E2196F42F1BB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{82F9BAF2-8D04-43E5-AC79-CB40B1635D6A}" = rport=137 | protocol=17 | dir=out | app=system |
"{8D183FAE-D1DB-4E14-BC34-B3749F4CAB1E}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E8A6C3E-91CE-4835-BAB2-3E8E63C5B2B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B615C5B0-5EB7-440C-A35D-320BE195B4CE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BDFFCB93-FBD9-4865-9E96-F1D25842CCB0}" = lport=137 | protocol=17 | dir=in | app=system |
"{C534EE18-BB21-46B3-8E74-1C7669E1B635}" = lport=138 | protocol=17 | dir=in | app=system |
"{C5560E34-E99B-456F-950B-2FA708F10642}" = lport=139 | protocol=6 | dir=in | app=system |
"{CBC4E875-E3F0-4B2A-922C-EBB084ACBB96}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D365F771-8669-4129-8040-F0AD80AF194C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DBD6F02B-B8C0-4F9B-9944-DCAA96D8ABE9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E9075C32-8093-442D-97DA-B6838E210F5A}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00ECB269-D368-445B-A5E3-CC07ECCA705E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00F894F9-A592-4158-AFF1-53E7040FE3A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{01289BDB-3E16-4B9E-BDF9-23ADB6C9B755}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{01C7E48C-27DA-4382-B0DE-792A190A1812}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{01EF486C-0C6B-4FD4-A583-4831337B18EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{020404F4-57D1-471D-A28E-3AFFB599EB2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}" = dir=in | app=c:\program files\homecinema\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{0404F0BD-D88A-4770-9D8F-63C6FE2DD814}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0607A534-DB3B-437C-9B5D-01679F412CD1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{08597C1D-44A4-47ED-A9A4-046270B96F05}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08936A35-3659-4E2C-93FA-BBEDC75CB45A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{08D501EA-4811-4704-9036-F14E75E50BBE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09D0C21E-21E7-44E3-8581-2734DF05A2C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09FCB5F8-6455-40A8-9D68-27F2878584EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A30747B-62A6-4228-B8C1-F8CAB409DB50}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D7C462E-3F23-45DC-A688-9393140786C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F0951DC-EF95-407D-BA2C-8F300232237D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F7A39B8-D926-44DC-8EEB-DB5B4521485C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{12DAA664-4E4F-40D6-AB57-7F63AA190882}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1408F6E5-9B40-4487-980D-2A1CC326FABC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{197E23C6-013E-4F40-A56A-E5684954C6C6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1A8B5E0E-AAEC-4DFF-AAE2-4931474C7BD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B93DF3D-A46B-4045-936D-8B424755DB3D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1CCE51CA-C3F2-4FB3-B08B-1A93750B3A18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EB804D1-EB32-4D11-9B9F-53EA83FC0043}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{1F40FE0B-B034-4A3D-AC32-F08B3AD454DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21107B00-71D6-4B20-AEBD-2F4D79D23781}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2143606C-D90D-4E6A-9FFA-64AFCFFC0D20}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{2374264F-52C7-4F9C-8A29-001266C0A57A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{245EBC0E-0E1F-450A-AE76-EF4882A67523}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24F1D9C4-A236-4B3B-A6F2-35FD2359F114}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2740E810-7446-4CF2-99AA-4BB76BB7D7EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{294D6CA5-11CB-4B9D-A0DE-23365F30962D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
Hat dir diese Antwort geholfen?
"{29C37D00-9AC7-4727-9916-5A1094CBF857}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A3A0B53-DEB4-4E29-BD1E-8C4E87825582}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E8B1E28-C45D-4587-91FA-D48CCB81C77F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31249CDE-3451-490B-A28F-C73794590BF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31477827-5A34-4E54-894F-5BE0BDFA835F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32732D73-9520-4CF1-A6A8-6AECFF7FE0E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{37BFDD44-8BE9-4A55-873B-456945683404}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38C3B57E-6A8F-4EB1-A260-8FE0D52403C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AA30286-C21C-4FD6-AD00-C18253A9F832}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C3ACA75-008C-4000-B9D9-0FE0C7C78116}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F2569A6-DC0E-4D47-8D73-9C8EF5869AAE}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{41993667-1BBC-46BA-9614-8F2A3ADC9D27}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4267B70D-08EA-463E-913F-4FC9E1D7D066}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{42E61098-C987-4275-9047-A0132F0F6CFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43FA492D-AAB4-4FD7-B560-691DF93BD236}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44CD4E0E-66DC-40F7-B4A4-9795458D6B52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{46DE8857-AE5F-4AE7-9FA7-E8BF30942E71}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{470AF460-A684-4DA2-BBE6-E579CD4F692B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48382D1D-CBBD-4141-B56E-820725487250}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4974A401-2913-4506-A192-C6AD02CF9B54}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4B44834B-C7DC-455A-81C4-6EA00728AAD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BAAC89C-D189-4369-B8B2-529FF766118B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D26C4C5-7A38-43B2-9F4D-F7B810F4DAE0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EA4322E-ED16-463E-8120-7FC7E254E289}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4FAB9545-9CBF-426C-877A-B0B4E79B3A35}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{506123B5-F5F8-4D45-93D3-3B0D1DD2D5F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53CC1E4C-C15B-45F5-BB5D-F874CA3D87B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{556FB2A2-A89E-47C9-85C7-5B10668520ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{559B1A48-A006-4D24-81B0-CC42C61E8CE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{575D829E-0E94-48B0-A994-60E734683262}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5849CC1F-213E-43EE-9322-B530188FD4EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C5D76A8-3840-4349-97B5-C5C189D9C722}" = dir=in | app=c:\program files\homecinema\powerdvd9\powerdvd9.exe |
"{5C85C9D2-A332-419C-8A59-305AEF4CDFC1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CA9A759-0F22-4933-BC91-9EB09CBAB78E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{617BBCF8-42EF-4694-97C3-A4CCFB4FEF43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68C617BD-00F6-4875-94CB-E9F9E583ED48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68EC80A1-3737-457B-BE69-D79C97BB32FE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6B756CB8-3986-4B2F-A922-7A9A7F1BB551}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{6E0C197E-BD83-4B27-B8CD-B4AE2953B9A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E202D99-D8A2-4011-81ED-1D6621085165}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E2AA1D7-3E19-463F-9377-7B8AC994740A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70F80E6B-46D2-4B62-9B2A-379E19EE5E85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{718B7729-DAC7-471F-AAC1-457F1D4BD7F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
Hat dir diese Antwort geholfen?
"{732A947F-8C31-43EC-A618-B1CC48FB597F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7333C151-3FA5-4EE8-9A02-7777960945DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7387EEE8-FE32-4D7F-8A16-248E48646948}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74F315F5-C9E5-4578-BDE7-C640392593B6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{75CC39E5-2158-449A-944C-036F0F3775A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77C14804-4AE8-4823-A9A4-96132BF87486}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{78428EE6-FB41-4816-8A66-8D97B18AF5C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78C78FBF-DF77-4616-A6B7-3A26C960752E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D1D5622-7BE4-47A9-8B48-C440132927B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D240735-09F6-43E6-93CA-689316CB540D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D535975-4A2D-4879-9ECC-0A331723F750}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E1AD236-5593-4F4C-99B5-F58A1B40597F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E7F529C-E564-4F62-AA95-6077EF5F77D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{801BCAA7-1150-439E-9E0A-D0E196309A73}" = protocol=58 | dir=out | [email protected],-28546 |
"{81900108-40B1-49E2-B14C-CBCFFF73D993}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81C1B4C3-287C-42D1-938D-72CAA4B25466}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{839109FB-17CE-45EC-BD5E-FBCFF4E98B02}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83D456C5-2AD4-4228-88FE-3910F8367AC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{881D8BBF-E1FA-4936-BE7D-2B6C914CFB8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8824141D-5B1F-435F-A123-864114A71CFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{88F0FA59-6310-4FEB-9218-70536294E0BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AFDE7B3-BF11-4313-B981-CAED191A342D}" = protocol=1 | dir=in | [email protected],-28543 |
"{8BC9053F-CA86-44BF-BC3D-DCB318013F6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C222823-BCF5-46DF-81CF-42DAA0770601}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9015E627-7F6B-488E-9B3A-34ED408F9714}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91432D9B-81B7-4BAC-8685-8BB3B21FC712}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91E41175-68DC-43F7-946F-A9A4959D65A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{92E31A09-76C4-4BDE-A7E8-B3F7F3D4DB5C}" = protocol=58 | dir=in | [email protected],-28545 |
"{93A0D723-BE1C-44DE-87ED-4782BD470406}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9430D654-E610-4F8D-ABFE-EB5831AE3F48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{95977AA3-80DB-4AEF-BAE6-96C7FDD49F89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{974F8A4D-5997-40D1-AFD4-22CBF1831646}" = protocol=1 | dir=out | [email protected],-28544 |
"{97C53395-38A2-4974-82ED-41732FE363FA}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{99D4E21B-5047-448B-9D41-5B55299E6A68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B850A12-7AC6-40C7-85FA-6A729AC995EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CF7AB0D-B2BE-4DBF-BBED-6989980323C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9EF05520-E8FE-4522-A530-A84AC1D77184}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9FB70E68-9F42-455F-9F5C-3C4C91FEA54D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0C1590B-F32A-4CF5-8087-BB044EDE6FFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1CD56EE-77CD-4492-904F-2DCFE8D38695}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A24004F0-77D9-400D-8BEA-56D89CE9A615}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2400C69-8997-46FF-8FC2-839D83145D83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2825F00-C488-4388-949D-8C046B1C12B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2E56C0A-8E39-4FB2-A1E8-359EFB1E3D11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A44B8543-B889-40FC-A35D-4275C25105E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5375D6A-7E60-4EC5-9C42-4A1010A85087}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A6E602C3-D174-45CC-ADD1-95BA83123875}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A92F19B4-6526-47C5-98C3-4505ACA90553}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB79EAF9-4294-4CC8-A3A9-73488410A9AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC4BAD45-524C-4F0F-82A4-B58DB259246B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC941240-2276-4BFD-83A1-21F132025F24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD9B83E3-F1C0-4CDF-B193-5E4DD9F0E0EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ADA10E02-FA60-45D8-923E-314A2EDFC246}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B0B9294A-26D9-46A1-9556-5A3DD4CDD5DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B150655A-EF5A-475E-84AA-160662D0CBF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2F206B9-1E92-4D9A-8A1B-36FBD2DF6173}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B327F016-5FE9-41F5-9900-1B8732A31416}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B51C8116-62C1-4E20-89BF-568F6DD9C216}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B62124BA-5098-4B64-B017-3A46F0BCF510}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6C9686E-796D-45B1-810C-CE4E1D2859CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B85BABC0-6BB4-4E12-851F-82045D09B4F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8DF3CCB-6ECC-4A9C-8381-70BE826DC054}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAE378E0-30DF-4A5E-BB54-F3D3D4D9EC17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB35F578-E70D-4E71-8C3F-59099AA89CCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BBD19D14-31C2-4E0B-985A-7768A44ABFDA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{BD961572-7B02-4E8B-8919-3EE4D009960B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF0D81E1-7F1A-47CD-A6AA-9DE7E2A758A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C177AEBE-A1AB-4D77-A097-2A7CA2B1CE9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2F68B68-19D7-44C1-AF99-289FE83690C7}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C546BE55-7444-4DB4-864E-F053CC4F2C49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C571488A-8123-448C-B46E-9BD56006375E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6E5D345-E972-4463-B2E9-BEDF72880843}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6EB1591-5865-4589-89C2-E3915E42F284}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{C72AFB99-C889-48B4-83A4-F35EFB69120D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7EE5924-21B5-4E57-983E-6FE872C848A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9505410-A84D-4A9E-827F-DAE8C9282401}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA4AB234-E3D4-4DFC-BAE5-9947C5CDF16F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA51E275-3ADD-4049-815A-C63514E248A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA87861F-7649-49D5-818B-D860342E4AD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAC1A2DB-443E-4BB2-9FC9-A7E99052CE13}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CB3F60F7-1E3A-4C65-B5FE-81B3D5666D7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB823A10-1DE5-4B8C-8937-631630A5000E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD853B19-F46F-46D4-94CE-AF741C0382DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D0E51232-229A-4C33-BC48-546F9AE62462}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D29C9471-8FF2-49EF-A67A-E8D876927603}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6315C77-D40A-4C36-9E7D-51CC6E21E49C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7458E72-8734-45B8-AA42-5972DFB985B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D98EC40E-018A-4628-86E4-13B34FB2BF55}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAE1DBFC-C570-4552-9A07-7271EAA4B9EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCF9FA84-DA54-4EC4-BBF9-2BA81189B8EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DE6BA96D-2D3E-4F49-B5D2-D4631713EE05}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{E1FB0B7A-9C9A-4719-912A-F05554FFCEB2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E43F8818-C34C-44CB-B93A-8B809D3E57A8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{EAD0695D-0090-4D0B-A64A-77B905B49D73}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDDC5FEF-9C3F-46CA-9189-5B05EE935080}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE1DB990-200C-4446-BCF6-F266C1FC9182}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{EEE77F78-1376-40D9-8A01-26CB37EF6DE8}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F0986952-7E98-41A3-8316-8E038BD83704}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F14E47E2-9C7B-44A5-9065-9F51396E5DD9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F231DFE8-06F9-4863-A034-65D8FD71FE76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F255612F-1AEE-4376-8020-C2EA57C383D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2CE4F20-6583-40CD-83B0-DCA618C6A702}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2E5F402-7459-4C20-9B2E-97CF508BC0AD}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F5BE031D-EB9C-4E76-B787-DCC1125F4825}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F60AC12C-D5B9-465B-B58A-03F24F57FFCE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F65D2206-484A-425B-B9D4-4C65689AFECE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6DE6091-25CB-4946-B3E3-4430E071A22B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9E498BE-1A61-4526-9AF5-D47EB9A30671}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB83107F-EDC2-423B-A4B6-7B3EAC2F4ADA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC84C10E-EA7A-4C1A-B255-F22F6C717380}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCF2AEE3-679B-42F1-912E-DDECB51D7A26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE184F53-11FC-4041-9714-A63EC1E31131}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FEAF40D0-41C8-47FE-821A-B977FBCDA9D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FEF3C95D-8875-4139-9642-417A5C36D4CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{17189F74-CC7C-473D-984C-351D89F7FA8E}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{1D22E267-D04F-47C2-A480-FFEAAF938984}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{1D9956B5-BA69-498F-A981-AE32AC3A094C}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{81DC39DB-9980-4591-A97A-E1D3859A3DBE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{93799BBA-4A78-41B0-8CE8-CF84F8B1235D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{CDD237E4-71BB-4773-AC6E-17221BC2B57C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{DE4CA5AF-3D05-4D2A-88CC-CF326E2E2544}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{FEC615A3-00A5-4A75-A35D-A7A33CE6F226}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{1FC5D832-680D-458B-A0A1-758BD0553F41}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{29096CBD-7A4A-4FDF-9CF2-4B950E5ED7CB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2C106A50-474A-4C67-9B7A-005DBDE23F89}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{2ED8FDAB-AD71-4B6B-864A-A32C5B33FB10}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{35A21830-437E-47A7-8D5F-B2206A39DC6B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{8653AACB-F8A9-4B0F-B2EA-49405B0FC844}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C4468B71-2A1F-4BEA-9CDD-7238EE3FE4AC}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{CE5A4F00-5287-4648-9765-0282DDF368DA}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
Hat dir diese Antwort geholfen?
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{084F0F60-DA25-4A86-A954-1BE5FE19E495}" = TSR Launcher
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{691E3DA6-8AB9-BD12-78D4-8B18E774E6E5}" = Zoosk Messenger
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AFDF9AE-66B2-4A1F-8249-32EF14B97150}" = ArcSoft PhotoImpression 5
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A1DD0268-4069-4D39-B6D2-E00DB50CA9C4}" = League of Legends
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = IC 445C Webcam
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B67DE614-BDB8-4CB1-B3C3-8BD5EED1FDE1}" = System Requirements Lab CYRI
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDC66A92-4603-4D72-B28C-570075B55DF0}" = USB Wireless Keyboard Driver
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"AC3Filter" = AC3Filter (remove only)
"AC3Filter_is1" = AC3Filter 1.63b
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CoC" = Call of Combat
"com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1" = Zoosk Messenger
"conduitEngine" = Conduit Engine
"Defraggler" = Defraggler
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EADM" = EA Download Manager
"FotoWorks XL_is1" = FotoWorks XL
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Freeware.de Toolbar" = Freeware.de Toolbar
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa2" = Picasa 2
"RealPlayer 12.0" = RealPlayer
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SumatraPDF" = SumatraPDF
"Tales of Monkey Island" = Tales of Monkey Island
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"TuneUpMedia" = TuneUp Companion 1.9.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.9
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio 4.2.9.2
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
@La Chica: Poste bitte alle malwarebytes Log die im Reiter Logdateien sichtbar sind.
Die OTL-Logs bitte alle zusammen in eine Datei zippen, dort hochladen => http://www.file-upload.net
Und hier verlinken.
Hat dir diese Antwort geholfen?
also hier mal der link von otl:
http://www.file-upload.net/download-3335377/OTL.zip.html
was genau bedeutet daten sichern? was wird dann gesichert? hab ich noch nie gemachht...
dh mir bleibt nichts anderes übrig als meinen kompletten pc zu formatieren und neu installieren???
oh nein
tune up hab ich gleich vorab mal gelöscht. danke für den tip 
welches programm ist denn empfehlenswert wenn tuneup so schlecht ist?
Hat dir diese Antwort geholfen?
hier von malware:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
04.05.2010 19:28:43
mbam-log-2010-05-04 (19-28-43).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 118561
Laufzeit: 5 Minute(n), 50 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
--> in meiner quarantäne sind 274 böse dateien!!!!!!!
ohgott
Zitat
was genau bedeutet daten sichern? was wird dann gesichert? hab ich noch nie gemachht...
dh mir bleibt nichts anderes übrig als meinen kompletten pc zu formatieren und neu installieren???
Vergiss den Kommentar von q1, der lässt bei jedem shice formatieren
Hast du noch weitere Logs von Malwarebytes? Bitte alle Logs posten!
Und mach bitte einen Vollscna, VORHER über den Updatebutton die Signaturen von Malwarebytes updaten!
hab jetzt nochmal nen vollscan gemacht mit malware
hier der bericht:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6268
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
04.04.2011 21:18:37
mbam-log-2011-04-04 (21-18-37).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 366646
Laufzeit: 1 Stunde(n), 46 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\homecinema\mediashow4\subsys\BigBang\Runtime\muitransfer\muitransfer.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
c:\Users\Nicki\AppData\LocalLow\mywebsearch\bar\setups\mwsautSp.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\Nicki\downloads\mywebface.exe (PUP.FunWebProducts) -> Not selected for removal.
c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Not selected for removal.
und die logdaten:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
04.05.2010 19:14:57
mbam-log-2010-05-04 (19-14-57).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 118606
Laufzeit: 10 Minute(n), 49 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Downloader) -> Data: c:\windows\system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Downloader) -> Data: system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Windows\System32\sdra64.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Nicki\AppData\Local\Temp\khvcol.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Nicki\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Nicki\Desktop\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
Kennst du das Teil und brauchst es unbedingt? => ZooskMessenger
Deinstalliere bitte auch alle Toolbars und TuneUp, das ist kontraproduktiver Unsinn!
Mach danach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
Code: [Auswählen]
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0c352697-2478-11e0-805c-0024210fa032}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\vAuoCey.exE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
:Commands
[purity]
[resethosts]
[emptytemp]Klick dann oben links auf den Button Fix!Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
| « Angriffe-auf-deutsche-mTAN-Banking-User | Windows XP: Panik: Avira hat 588 versteckte Dateien gefunden » | ||
Schnelle Hilfe: Hier nach ähnlichen Fragen und passenden Tipps suchen!
| Mehr Themen zu "trojanisches pferd hilfe"
