Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen? (Seite 2 von 3)

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #15 am: 01.12.11, 18:34:43 »

Soll ich es in kleinen Stücken posten?

Moderator informieren

HCK
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #16 am: 01.12.11, 18:42:33 »

NEIN ... in großen

Dann abwarten ... da muss dann cosinus ran .

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #17 am: 01.12.11, 18:45:14 »

also so groß wie möglich??

Moderator informieren

A K (15.095)
Special-Member

1111x Beste Antwort

2912x "Danke"

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #18 am: 01.12.11, 19:05:59 »

Hat dir diese Antwort geholfen?

@Ava-Tar

habe Cosinus schon einen Auftrag erteilt....

Moderator informieren

HCK
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #19 am: 01.12.11, 19:19:24 »

Zitat von: sgalex77 am 01.12.11, 18:45:14

also so groß wie möglich??

JA , oder ins Netz hochladen und LINK hier angeben .

auch möglich :
Per Snipping-Tool Teile ausschneiden und als .JPG speichern .
Dann hier anhängen als Bild .
Dann kann man damit aber nicht weiterarbeiten ....

« Letzte Änderung: 01.12.11, 19:22:27 von Ava-Tar »

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #20 am: 01.12.11, 19:39:45 »

OTL logfile created on: 01.12.2011 18:03:53 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\...\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,85% Memory free
3,87 Gb Paging File | 2,75 Gb Available in Paging File | 71,02% Paging File free
Paging file location(s): c:\pagefile.sys 1000 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 263,09 Gb Free Space | 57,70% Space Free | Partition Type: NTFS
Drive D: | 770,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ...-PC | User Name: ... | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.01 18:03:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
PRC - [2011.11.15 14:29:26 | 000,896,352 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011.11.15 14:22:52 | 000,746,392 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011.11.08 18:00:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.09.07 11:32:36 | 027,473,760 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\SlimDrivers\SlimDrivers.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.17 08:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
PRC - [2011.08.17 08:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2009.06.23 16:19:14 | 000,711,200 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009.06.23 16:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009.06.23 16:19:12 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009.05.26 14:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.19 04:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2006.05.24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkASv2K.exe

========== Modules (No Company Name) ==========

MOD - [2011.11.08 18:00:47 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.12.04 15:05:45 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2009.08.16 16:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ioloSystemService)
SRV - File not found [Auto | Stopped] -- -- (ioloFileInfoList)
SRV - [2011.11.18 12:42:56 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.11.15 14:22:52 | 000,746,392 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.18 12:21:48 | 000,316,816 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.01.18 23:39:00 | 003,885,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.02.06 11:37:52 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.23 15:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2009.06.23 16:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.05.26 14:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.03.25 18:52:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.01.24 12:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.01.24 12:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.05.24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv)

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #21 am: 01.12.11, 19:40:09 »

========== Driver Services (SafeList) ==========

DRV - [2011.12.01 17:53:16 | 000,012,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2011.11.17 14:58:15 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.11.17 14:55:22 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.09.18 12:21:51 | 003,033,712 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.10.10 13:40:30 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.10 13:40:29 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.07.08 09:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2009.06.17 13:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009.06.17 13:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2009.06.17 13:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2009.06.17 13:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009.06.17 13:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2009.06.17 13:01:04 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.17 19:28:50 | 000,452,096 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.01.19 19:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.12.29 18:51:14 | 003,715,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.12.09 09:59:30 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV - [2008.09.03 20:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2006.09.27 04:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.08.02 07:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0809&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0809&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0809&m=easynote_tj65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.facemoods.com/?a=ddrnw [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com/?l=dis&o=14200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "InnoGames Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/ig"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.67.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {a6fd85ed-e919-4a43-a5af-8da18bda539f}:1.0.10
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.2.1
FF - prefs.js..extensions.enabledItems: {d2f11d8b-3eb5-4b42-9511-370dbec707fb}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {f999a48b-1950-4d81-9971-79018f807b4b}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {df902f29-c93b-4b6a-88e1-5bc2f17cb637}:3.3.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2520057&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/ig"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2520057&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.08 18:00:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.05 12:53:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\...\AppData\Roaming\5021 [2011.07.26 11:04:27 | 000,000,000 | ---D | M]

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #22 am: 01.12.11, 19:41:19 »

[2011.07.30 18:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\...\AppData\Roaming\mozilla\Extensions
[2011.12.01 16:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions
[2011.03.13 11:41:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.30 18:47:07 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.11.15 20:54:44 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2010.10.04 13:12:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.01.15 18:57:30 | 000,000,000 | ---D | M] (eGames Toolbar) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{b2b46577-0217-4ec5-a467-7a1e8d0d7b71}
[2011.11.07 17:29:18 | 000,000,000 | ---D | M] (InnoGames Community Toolbar) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}
[2011.11.07 17:29:20 | 000,000,000 | ---D | M] (Oryte Games 1.15 Community Toolbar) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{d2f11d8b-3eb5-4b42-9511-370dbec707fb}
[2011.12.01 16:06:08 | 000,000,000 | ---D | M] (Fussballcup Community Toolbar) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{df902f29-c93b-4b6a-88e1-5bc2f17cb637}
[2009.10.11 16:51:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.11.16 20:49:23 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.04.09 08:23:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\[email protected]
[2011.11.05 12:39:46 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\[email protected]
[2011.05.11 16:43:26 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\[email protected]
[2011.06.27 17:32:24 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\[email protected]
[2010.09.22 20:18:26 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\...\AppData\Roaming\mozilla\Firefox\Profiles\4rd6j7sn.default\extensions\vshare@toolbar
[2010.05.26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\askcom.xml
[2011.03.21 14:50:08 | 000,000,921 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\conduit.xml
[2011.07.21 16:07:53 | 000,002,055 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\daemon-search.xml
[2010.01.17 10:01:05 | 000,002,280 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\google-und-download-suche.xml
[2011.12.01 16:03:59 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-1.xml
[2011.03.11 18:39:00 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-10.xml
[2011.03.11 19:08:55 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-11.xml
[2011.03.11 19:37:22 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-12.xml
[2011.03.11 20:32:26 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-13.xml
[2011.03.12 09:34:22 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-14.xml
[2011.03.12 10:29:27 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-15.xml
[2011.03.12 21:27:45 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-16.xml
[2011.03.13 10:44:59 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-17.xml
[2011.03.13 11:36:35 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-18.xml
[2011.03.13 11:42:30 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-19.xml
[2010.06.04 18:15:52 | 000,000,961 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-2.xml
[2011.03.13 15:33:22 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-20.xml
[2011.03.13 15:36:31 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-21.xml
[2011.03.13 15:41:08 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-22.xml
[2011.03.13 17:00:20 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-23.xml
[2011.03.13 19:38:16 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-24.xml
[2011.03.13 20:08:26 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-25.xml
[2011.03.15 14:19:13 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-26.xml
[2011.03.20 17:19:06 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-27.xml
[2011.03.20 18:28:20 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-28.xml
[2011.03.23 17:42:23 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-29.xml
[2010.07.31 16:40:32 | 000,000,961 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-3.xml
[2010.09.15 15:43:18 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-4.xml
[2010.10.04 14:11:29 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-5.xml
[2010.11.08 19:12:20 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-6.xml
[2010.12.12 10:49:17 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-7.xml
[2011.03.06 15:47:08 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-8.xml
[2011.03.07 20:07:54 | 000,000,950 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin-9.xml
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\icqplugin.xml
[2011.07.30 18:47:03 | 000,002,501 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\SearchResults.xml
[2011.04.05 18:25:53 | 000,003,915 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\SweetIM Search.xml
[2011.04.05 18:26:24 | 000,003,915 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\sweetim.xml
[2010.09.22 20:18:32 | 000,001,583 | ---- | M] () -- C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\4rd6j7sn.default\searchplugins\web-search.xml
[2011.11.27 11:57:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.02 18:56:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #23 am: 01.12.11, 19:41:48 »

() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\...\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4RD6J7SN.DEFAULT\EXTENSIONS\[email protected]
[2011.11.08 18:00:47 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 15:38:06 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.05 12:39:34 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.10.05 15:38:06 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.05 15:38:06 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.21 14:18:31 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.10.05 15:38:06 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.30 18:47:03 | 000,002,501 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.05 15:38:06 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.05 15:38:06 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: SweetIM Search ()
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (no name) - {EEE6C35C-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.8\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe (Ascentive)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC9B8EB1-1AE7-4D4B-AF74-755E6AA34B06}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Packard Bell\Wallpaper\Wallpaper Galactic_1900x1440.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Packard Bell\Wallpaper\Wallpaper Galactic_1900x1440.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.08.04 16:54:31 | 000,000,000 | R--D | M] - D:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2007.08.04 16:54:31 | 000,700,416 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2007.08.04 15:09:54 | 000,659,456 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2007.08.04 17:00:52 | 000,000,152 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{96efdff6-8ca6-11de-ae6b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{96efdff6-8ca6-11de-ae6b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2007.08.04 16:54:31 | 000,700,416 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #24 am: 01.12.11, 19:48:13 »

========== Files/Folders - Created Within 30 Days ==========

[2011.12.01 18:03:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
[2011.12.01 16:01:40 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.11.30 18:43:55 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Avira
[2011.11.30 18:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.11.30 18:37:32 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.11.30 18:37:28 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.11.30 18:37:28 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.11.30 18:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.11.30 18:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.11.27 11:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011.11.27 11:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011.11.27 11:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011.11.26 22:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011.11.23 20:44:51 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.23 20:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011.11.23 20:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011.11.17 15:26:56 | 000,000,000 | ---D | C] -- C:\Users\...\Documents\Games for Windows - LIVE Demos
[2011.11.17 14:55:22 | 000,232,512 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.11.17 14:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
[2011.11.17 14:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2011.11.17 14:51:12 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\DAEMON Tools Pro
[2011.11.17 14:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011.11.16 22:51:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011.11.16 22:50:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2011.11.16 22:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.11.16 22:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.11.16 22:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011.11.16 22:12:32 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\System32\mkl_blueripple.dll
[2011.11.16 22:12:32 | 001,302,528 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll
[2011.11.16 22:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\BRS
[2011.11.16 22:12:20 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.11.16 22:12:20 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.11.16 22:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011.11.16 22:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
[2011.11.16 21:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)
[2011.11.16 21:35:31 | 000,000,000 | ---D | C] -- C:\Users\...\Desktop\Neuer Ordner
[2011.11.12 20:25:50 | 000,223,232 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\k57nd60x.sys
[2011.11.12 20:25:50 | 000,000,000 | ---D | C] -- C:\drivers
[2011.11.12 20:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.11.12 20:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2011.11.12 19:47:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2011.11.12 19:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers
[2011.11.12 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\SlimWare Utilities Inc
[2011.11.12 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011.11.12 19:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011.11.12 19:41:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Uniblue
[2011.11.12 19:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2011.11.05 13:46:09 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Malwarebytes
[2011.11.05 13:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.05 13:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.05 13:46:00 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.05 13:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.05 12:39:33 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Babylon
[2011.11.05 12:39:33 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\Babylon
[2011.11.05 12:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011.11.03 13:58:37 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\Akamai

========== Files - Modified Within 30 Days ==========

[2011.12.01 18:03:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
[2011.12.01 17:53:44 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2011.12.01 17:53:19 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 17:53:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 17:53:16 | 000,012,984 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2011.12.01 17:53:06 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.01 17:53:04 | 000,000,931 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011.12.01 17:52:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.01 17:52:53 | 3215,818,752 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.01 17:31:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.01 16:39:45 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{95CAA103-F894-4B4D-BE28-EF988682EB8E}.job
[2011.12.01 16:01:40 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.11.30 18:38:00 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.26 22:26:19 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.11.26 22:26:19 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.11.25 20:31:55 | 000,008,624 | ---- | M] () -- C:\Users\...\Desktop\Unbenannt 1.odt
[2011.11.23 20:44:51 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.18 14:25:55 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.18 14:25:55 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.18 14:25:55 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.18 14:25:55 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.17 14:55:22 | 000,232,512 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.11.16 22:49:45 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.11.16 22:49:45 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.11.12 21:28:20 | 000,004,280 | ---- | M] () -- C:\Users\...\Documents\cc_20111112_212817.reg
[2011.11.11 14:17:06 | 000,008,856 | ---- | M] () -- C:\Users\...\Documents\cc_20111111_141701.reg
[2011.11.05 12:40:00 | 000,000,000 | ---- | M] () -- C:\ProgramData\d67c7db6ee4d2398a7a563f3dd3bc17a_c
[2011.11.03 20:05:18 | 000,016,109 | ---- | M] () -- C:\Users\...\Documents\English.odt

========== Files Created - No Company Name ==========

[2011.11.30 18:38:00 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.11.25 20:31:52 | 000,008,624 | ---- | C] () -- C:\Users\...\Desktop\Unbenannt 1.odt
[2011.11.23 20:44:36 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.11.23 20:44:35 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.11.16 22:50:35 | 000,001,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.11.12 21:28:18 | 000,004,280 | ---- | C] () -- C:\Users\...\Documents\cc_20111112_212817.reg
[2011.11.12 19:46:01 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2011.11.12 19:45:58 | 000,012,984 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2011.11.11 14:17:03 | 000,008,856 | ---- | C] () -- C:\Users\...\Documents\cc_20111111_141701.reg
[2011.11.05 12:40:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\d67c7db6ee4d2398a7a563f3dd3bc17a_c
[2011.11.02 18:26:05 | 000,016,109 | ---- | C] () -- C:\Users\...\Documents\English.odt
[2011.10.24 18:56:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\1b540ac4237e780608d7331feefcf345_c
[2011.10.14 20:00:38 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2011.09.02 20:17:03 | 000,002,018 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI
[2011.09.02 20:16:34 | 000,000,091 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2011.09.02 20:14:31 | 000,005,063 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI
[2011.09.02 20:14:30 | 000,000,104 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI
[2011.09.02 20:06:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2011.08.29 19:41:48 | 015,749,581 | ---- | C] () -- C:\Users\...\AppData\Roaming\SMRBackup210.dat
[2011.08.18 15:22:59 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.08.18 15:22:59 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.08.16 16:18:14 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.07.26 17:50:43 | 000,000,011 | ---- | C] () -- C:\Users\...\AppData\Roaming\urhtps.dat
[2011.07.23 11:46:47 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.07.23 11:46:47 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.07.23 11:46:47 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.07.15 12:47:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011.04.15 14:54:12 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.26 11:20:54 | 000,000,552 | ---- | C] () -- C:\Users\...\AppData\Local\d3d8caps.dat
[2010.12.24 14:52:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.12.04 15:05:45 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.11.30 19:51:39 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010.09.01 20:07:02 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.09.01 19:46:10 | 000,044,193 | ---- | C] () -- C:\Users\...\AppData\Roaming\DSC03248.JPG
[2010.08.21 10:17:50 | 002,445,312 | ---- | C] () -- C:\Windows\System32\Anpfiff2010.exe
[2010.08.21 10:17:50 | 001,396,736 | ---- | C] () -- C:\Windows\System32\Anpfiff-Editor.exe
[2010.08.21 10:17:50 | 000,000,513 | ---- | C] () -- C:\Windows\System32\BlitzCase.com.url
[2010.08.21 10:17:44 | 001,323,008 | ---- | C] () -- C:\Windows\System32\BlitzUpdate.exe
[2010.08.21 10:17:44 | 000,012,800 | ---- | C] () -- C:\Windows\System32\blitzsys.dll
[2010.07.30 10:54:34 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2010.07.29 13:00:04 | 000,000,331 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010.06.19 18:31:51 | 000,001,356 | ---- | C] () -- C:\Users\...\AppData\Local\d3d9caps.dat
[2010.06.09 19:04:27 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.03.13 08:18:18 | 005,652,144 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.03.12 21:46:59 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.03.06 14:58:20 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.03.06 13:48:34 | 000,000,558 | ---- | C] () -- C:\Windows\eReg.dat
[2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.12.11 15:12:03 | 000,138,056 | ---- | C] () -- C:\Users\...\AppData\Roaming\PnkBstrK.sys
[2009.12.04 11:24:23 | 000,000,083 | ---- | C] () -- C:\Users\...\AppData\Local\X-Plane Installer.prf
[2009.10.29 19:30:44 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.10.29 19:30:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.10.29 19:30:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.10.29 19:30:44 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.10.29 19:30:44 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.10.29 19:30:44 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.10.29 19:30:44 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.10.29 19:30:44 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.10.29 19:30:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.10.29 19:30:44 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.10.29 19:30:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.10.29 19:30:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.10.29 19:30:44 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.10.29 19:30:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.10.29 19:30:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.10.29 19:30:44 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #25 am: 01.12.11, 19:48:59 »

[2009.10.29 19:30:44 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.10.29 19:30:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.10.29 19:30:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.10.29 16:32:52 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2009.10.21 15:17:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.10.20 13:31:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 13:31:34 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.10 16:40:53 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.10.10 16:40:44 | 000,008,180 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2009.10.10 16:19:54 | 000,058,880 | ---- | C] () -- C:\Users\...\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.10 13:40:30 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.10.10 13:40:29 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys[2009.09.07 14:42:42 | 000,000,931 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2009.09.02 08:39:46 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2009.08.19 19:35:52 | 000,004,184 | ---- | C] () -- C:\Windows\System32\drivers\CDConfig.bin
[2009.08.19 11:12:14 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009.06.17 13:02:46 | 000,029,192 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2009.03.26 02:15:57 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.03.26 02:15:57 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.03.26 02:15:57 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.03.26 02:15:57 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.03.25 18:50:36 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.03.25 17:38:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.03.04 20:35:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.03.04 20:35:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.03.04 20:35:53 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.03.04 20:35:53 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,378,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== LOP Check ==========

[2011.08.13 17:46:59 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\.minecraft
[2011.09.03 08:54:58 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\.spoutcraft
[2011.07.26 11:04:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\5021
[2011.01.30 20:23:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Advatl
[2010.03.06 15:16:22 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Atari
[2011.11.05 12:39:33 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Babylon
[2011.07.21 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DAEMON Tools Lite
[2011.11.17 15:09:24 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DAEMON Tools Pro
[2010.03.13 08:18:50 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\dBpoweramp
[2010.03.07 13:37:14 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DreamDale
[2011.10.14 19:17:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DriverCure
[2011.08.27 19:53:02 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoft
[2011.08.27 19:52:26 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.15 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\egamestoolbar
[2009.11.25 20:16:31 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\FileZilla
[2009.12.04 11:15:23 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\flightgear.org
[2011.11.05 12:53:44 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\FrostWire
[2011.07.02 11:02:25 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\GamesCafe
[2011.01.15 12:15:08 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\GetRightToGo
[2011.08.08 19:44:26 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\gtk-2.0
[2011.11.30 20:42:54 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ICQ
[2011.10.14 20:02:48 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\iolo
[2009.12.25 09:15:56 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Jane s Hotel Family Hero
[2009.11.01 19:18:16 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Klett
[2011.07.26 11:04:10 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\kock
[2011.07.26 09:17:02 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Leadertech
[2010.03.07 13:37:01 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\MagicBall4
[2011.01.15 20:37:33 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\MAGIX
[2010.08.07 10:24:10 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\MB4
[2009.12.22 22:50:29 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\MobMapUpdater
[2010.12.22 09:54:12 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Mysteryville2
[2011.08.16 16:49:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Notepad++
[2011.06.27 17:32:06 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\OpenCandy
[2009.11.20 18:25:42 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\OpenOffice.org
[2011.01.23 13:13:02 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Opera
[2009.10.10 11:38:15 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Packard Bell
[2011.10.14 19:17:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ParetoLogic
[2011.01.10 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PhotoScape
[2011.07.14 13:18:38 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PlayFirst
[2010.02.05 11:07:24 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Playrix Entertainment
[2011.02.26 23:40:23 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Power Sound Editor Free
[2011.10.25 15:43:49 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Pro Cycling Manager 2009
[2009.12.03 12:14:46 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ProtectDisc
[2010.08.07 10:23:45 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SmashFrenzy4
[2011.08.16 16:55:33 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Software Informer
[2010.01.15 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SpinTop
[2011.08.17 14:26:10 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Tific
[2011.06.10 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TS3Client
[2011.10.14 19:40:35 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TuneUp Software
[2011.08.10 18:58:17 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\UAs
[2009.10.10 13:46:09 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Ubisoft
[2011.01.02 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Ulead Systems
[2011.11.12 19:41:50 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Uniblue
[2010.02.04 11:13:39 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\UNOUndercover
[2011.07.31 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\VDownloader
[2011.08.11 19:38:29 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\xmldm
[2011.07.02 11:02:15 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Zylom
[2011.12.01 17:51:13 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.12.01 17:53:44 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job
[2011.12.01 16:39:45 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{95CAA103-F894-4B4D-BE28-EF988682EB8E}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:453190EC
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:A18D1A5B
@Alternate Data Stream - 241 bytes -> C:\ProgramData\Temp:E5F8E280
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:00F7B10F
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E6E9EB6C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:A696643D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:700B9342
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:0E22C5DB
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:52B72A7C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:AFFC859A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:3447AB86
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:9547F1DB
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:DDEB08FD

< End of report >

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #26 am: 01.12.11, 19:52:14 »

OTL Extras logfile created on: 01.12.2011 18:03:53 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\...\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,85% Memory free
3,87 Gb Paging File | 2,75 Gb Available in Paging File | 71,02% Paging File free
Paging file location(s): c:\pagefile.sys 1000 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 263,09 Gb Free Space | 57,70% Space Free | Partition Type: NTFS
Drive D: | 770,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ...-PC | User Name: ... | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #27 am: 01.12.11, 19:52:27 »

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{26F417C7-69DE-48B4-B6E9-5B8E4196844E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{43CCC414-C02C-4006-82B8-9A8C07B0F01D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{58CDE8F2-AC4D-443E-92F5-103DB9492FBC}" = lport=139 | protocol=6 | dir=in | app=system |
"{66C7D8C7-41AB-4769-A1B2-F3AC15AB9A5D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{724DD36E-AC47-4C95-B169-803F68FF24D9}" = rport=139 | protocol=6 | dir=out | app=system |
"{8E639A87-E552-4289-A993-35C3B4472F34}" = lport=138 | protocol=17 | dir=in | app=system |
"{96E29C94-5C3F-451E-A643-63880A4F6C6F}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{B196B804-32EA-434C-BC79-DB43ECE92E30}" = rport=445 | protocol=6 | dir=out | app=system |
"{CDE51955-160A-455A-9F7A-BABF2DC7FC18}" = rport=137 | protocol=17 | dir=out | app=system |
"{D2025EC5-6735-41C3-8146-D9E161667391}" = rport=138 | protocol=17 | dir=out | app=system |
"{D59EE12F-F0F1-49F6-B21A-BECED9E0C95D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D75781E7-E92D-4B35-98CA-CE35C896783F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{E4E796E9-2FD0-4ED1-B532-E9A00B184054}" = lport=137 | protocol=17 | dir=in | app=system |
"{FEDFA7D3-8E45-43F3-BB07-AFB791B0432C}" = lport=445 | protocol=6 | dir=in | app=system |

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #28 am: 01.12.11, 19:53:46 »

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0517719E-3432-4629-ABC9-3F25C430360B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0A2E9B3E-CB60-4C22-9F15-203D1E142781}" = protocol=6 | dir=in | app=c:\users\...\downloads\sweetimsetup.exe |
"{0A779F57-DFF8-4253-B770-913D5334CE41}" = protocol=17 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{0F48FFD9-DABB-4317-953C-C968F71233DA}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{10E3E72D-ACD5-4735-8F49-056A8734E003}" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe |
"{122212C3-994B-416A-B1E8-B90BCE223B2C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{15852943-3B6A-4A2A-8D0C-3A132F650663}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{2EDA82AF-A0E3-41EE-92D3-E16E28028D47}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{326DEC69-F708-4C96-9FC1-744717904AC3}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{398DC2FD-A54A-4742-BF55-FC64A3149AAE}" = protocol=1 | dir=in | [email protected],-28543 |
"{3E77A9E0-FCF1-4F85-B502-7E687A69A8B6}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3EC54D7D-0F14-4805-B414-91E745C18624}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{49EBA5B9-631A-420B-9D17-331358435936}" = protocol=17 | dir=in | app=c:\users\...\appdata\local\temp\sweetimreinstall\sweetimsetup.exe |
"{4A73B785-2D91-4F8C-89BC-873FD262BE07}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4B9AA1D6-9D67-46CE-B5C5-99869EB1765A}" = protocol=1 | dir=out | [email protected],-28544 |
"{5807517D-7F89-45CD-8913-75DDBCB73865}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{5C6C6A44-C22B-4AF1-9541-B92FE480EDC5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5DC7070B-352B-489F-AB24-9CA3B7D48972}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{6F34F5BD-FA89-4935-A653-36546AAE6BD1}" = protocol=6 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{7983B89F-175F-4F23-855F-0D7504306068}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{7D80F4AE-C8F1-45FD-A597-2E219F9B14FB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{82A2D654-7180-4E45-8D49-3A1D655C0E2F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8583FB70-6366-4580-B741-9EAE90B6DCA7}" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\autorun\exe\autorun.exe |
"{883B6F97-2E1F-40C7-9B62-21F388B66D31}" = protocol=58 | dir=out | [email protected],-28546 |
"{8DA67BB7-93C3-453D-AFA5-52EDF1A4D3C3}" = protocol=6 | dir=in | app=c:\users\...\appdata\local\temp\sweetimreinstall\sweetimsetup.exe |
"{8E210974-59F3-41FE-BADC-202230C6C5C3}" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\autorun\exe\autorun.exe |
"{9656A844-F6B1-495E-9B68-3D21B79998BA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A270E796-F507-4862-AC49-258190B9E4BE}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{A35C2E5F-8870-48FF-995C-DA5AC248BE7F}" = protocol=17 | dir=in | app=c:\users\...\downloads\sweetimsetup.exe |
"{A391719F-1923-4445-8136-EC7DA4CDCD25}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{AAE0DB3F-E3F4-498A-9078-E363CC6E7D58}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{AD455D68-330A-4AB0-ADBD-10DA23A151C0}" = protocol=58 | dir=in | [email protected],-28545 |
"{B57F7408-FF58-431C-B9CA-8D79C96CE9BF}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{C038256D-A95E-44C6-B595-8C5EB73E777B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C3FFAD35-EAE6-40F3-A6A6-99E94BD59792}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{CA39321A-320A-48B2-8A9B-092B4700A972}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{DEAEC75C-BC22-49CF-AB66-07F1D8E4D93D}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{E59722EB-7740-4E34-9226-871E31D45B8D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E9D8F56E-B8CA-4616-8E8D-D58EF6F3F87D}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{F57A648D-63E3-47FA-A323-F8BC06057CDA}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{F60158A2-2C44-4612-B63B-6F78A9398F45}" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe |
"{F7B1058A-3F5A-4D63-B856-75E84C5F4B5B}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{FA0AFB2D-E5D2-444B-AAB3-BA0C59060B8F}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{FB9D6DD8-7B3F-46DC-9E14-529F6D3B1C09}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |

Moderator informieren

sgalex77
Gast

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

« Antwort #29 am: 01.12.11, 19:54:13 »

"TCP Query User{0713D554-7289-4F42-96CD-C3C891398F4E}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{09455EC2-F668-44C6-B19E-0FD4361EF4E1}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{1AC9B3AA-3CBB-4BD3-AF2B-146EE966230A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{2FF9AF62-62AC-47BC-B476-F4C947AF9F6B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{35F0A994-2C02-49BF-B3BA-D53D084E60B0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{39ECDE12-799F-402E-B278-07DD31379302}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{4612C280-0A59-4E6B-9E8B-AA895455429E}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{4645DE69-BF54-4CC2-AF9A-5AA99E7F65A8}C:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe |
"TCP Query User{4BA42F53-7656-4413-A6A8-D4D2328611C8}C:\users\...\documents\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"TCP Query User{519D6ABA-2F05-4AD0-80F7-91C4AE4D4BE2}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{51B06794-6145-4DA8-A87C-EA14F45799D8}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{58AC5D95-5FE0-47B7-BD4F-98D315C667CD}C:\program files\ea sports\fussball manager 11\manager11.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 11\manager11.exe |
"TCP Query User{5F55A02F-CBEE-4D4D-895D-F6958E872797}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{63F3F105-462C-4088-9E17-E6D5D2DD40DC}C:\users\...\documents\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\launcher.exe |
"TCP Query User{6B895909-52F5-4C05-A05A-744ED301D26D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C38D8C0-D1DD-4B5E-856F-27D5EDE46739}C:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe |
"TCP Query User{785AF56E-6B2F-41E5-9D04-5474A1095482}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe |
"TCP Query User{7C5F3946-C57F-4A37-9383-B03826BE1CE9}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{81AA2475-D89F-4546-8D15-29D39221CC46}C:\users\...\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\...\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8DA5B05D-4B29-4A5C-AFBF-C275243A6997}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{9E19CF05-C612-48DF-B1FA-552BD1F5943D}C:\users\...\documents\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"TCP Query User{AFA28A8C-3EA8-4917-9ACE-6866F4D99A5C}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{B3890DF5-1B43-4B74-A227-DC90F3814226}C:\users\...\documents\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe |
"TCP Query User{B5C8AE28-F490-4D98-B0CB-94A0EA1C9B54}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{B8357AB0-0293-4701-B4BE-2782DBFA63A1}C:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe" = protocol=6 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe |
"TCP Query User{BD468039-7CFB-4B83-BCBB-DB55AD60B4F7}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{CFDE3FFF-980C-42FD-AFFD-870D0A98A13C}C:\users\...\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\...\appdata\local\akamai\netsession_win.exe |
"TCP Query User{EBA67E9B-EB88-41E0-9FFE-AFB2B07F5EF7}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"TCP Query User{ECA97D3C-0C0C-47EC-BFA3-2D03FAAFE016}C:\users\...\documents\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"TCP Query User{F1058546-93E5-4D7D-A339-2AF19E5A80DD}C:\users\...\desktop\spiele\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\users\...\desktop\spiele\empire earth\empire earth.exe |
"TCP Query User{F6985C39-D41B-41DA-ABAE-BA3945E43928}C:\users\...\documents\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\...\documents\world of warcraft\backgrounddownloader.exe |
"TCP Query User{F9E36500-1031-4326-8040-26654C9B13A0}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{03F565FA-CD09-4184-A220-C023D159DB43}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{0501A626-C3DD-4E02-91D1-3C8BA8653FA2}C:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe" = protocol=17 | dir=in | app=c:\program files\cyanide\tour de france 2009 - der offizielle radsport-manager\pcm.exe |
"UDP Query User{10C4DE74-93A1-4FAC-B168-308780BC7391}C:\users\...\documents\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe |
"UDP Query User{14CCB8D4-3707-4AEB-8913-EE3959923112}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{15FF3C3E-18F8-4554-A647-81F4D451A5A7}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{18F4AD67-E1D8-4D01-80F5-D29B34CAB776}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{1FDDD551-3326-4FBA-8DE9-E869F5BE116A}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{2B49C70E-668D-4435-9DF8-3333DDE8C44B}C:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe |
"UDP Query User{2E07EC7C-E42B-4899-B19A-9528ED3C1708}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{316EDA0D-5114-49CE-94DA-1C01F1F3D207}C:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942 singleplayer demo\bf1942.exe |
"UDP Query User{37521634-51C3-4914-B6AA-067452230BE6}C:\users\...\documents\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\backgrounddownloader.exe |
"UDP Query User{3BEF6788-0A9E-4FF8-97C3-21D414302818}C:\users\...\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\...\appdata\local\akamai\netsession_win.exe |
"UDP Query User{414737BA-50C7-4024-8FBB-C2FCA236D5BA}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{5836C31D-4E6F-48C1-A3A0-F483FEDE3563}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{595C4909-55A0-4B4D-904B-06FBE8822111}C:\users\...\documents\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe |
"UDP Query User{68DF4993-E3EC-44CB-8177-EFDA462513B9}C:\users\...\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\...\appdata\local\akamai\netsession_win.exe |
"UDP Query User{776F90AE-3140-4B1D-B37C-371E7EFE07C1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{7850CB5C-84B2-4F17-A803-F43DC7473E79}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{841F2061-572D-4766-AB80-69724231413F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{9133A15C-389A-4680-8881-352CE6E81FCC}C:\program files\ea sports\fussball manager 11\manager11.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 11\manager11.exe |
"UDP Query User{92FBFC5E-2BF0-40B6-9F49-2E25D6C95B1A}C:\users\...\documents\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe |
"UDP Query User{A27AB750-6C84-42CC-8CD0-C248BAD9E6E5}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{A4132798-AC28-40D8-B5BC-147B81675ECA}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"UDP Query User{AC78D564-8F68-4B7F-BDA3-84DFECA89515}C:\users\...\documents\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\launcher.exe |
"UDP Query User{B9166D41-421C-4B47-A6C9-E5C082907F4B}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{BABE32E6-33CB-4775-90FC-612FDADCE432}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{BE9A2FF4-BD48-458E-8813-888FEED8AFE4}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{C438C9E9-BCC2-46DE-B622-801F9170F610}C:\users\...\desktop\spiele\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\users\...\desktop\spiele\empire earth\empire earth.exe |
"UDP Query User{CA77470C-272A-4D4B-90A7-9EB69D73E4DA}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe |
"UDP Query User{DE9ED2EE-6635-432F-B693-C882A7E7F87A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{ECCAB259-B508-485C-BF56-20F6BD3BB421}C:\users\...\documents\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\...\documents\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe |
"UDP Query User{EED2E5A6-CBAD-4FA2-8871-1EF81DC3F4BD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

Moderator informieren

« netzwerksicherheit		ebay Server wird nicht gefunden, Seite nicht geöffnet »

Re: Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?

Mehr zu Windows Vista: Könnte mal jemand meinen HijackThis Log überprüfen?