HijackThis Log - Bitte einmal überprüfen |
||
---|---|---|
#0
| ||
08.11.2010, 16:24
Member
Beiträge: 13 |
||
|
||
09.11.2010, 18:47
Moderator
Beiträge: 5694 |
#2
Hallo und herzlich Willkommen auf Protecus.de
Um ein infiziertes System zu bereinigen bedarf es neben Zeit auch die Beachtung folgender Punkte: • Halte Dich an die Anweisungen des jeweiligen Helfers. • Falls Du externen Speichermedien (USB Sticks, Festplatten) hast, dann schliesse die vor der Reinigung an. • Während der Reinigung solltest Du weder Programme installieren noch deinstallieren, welche nicht ausdrücklich verlangt werden. • Bitte arbeite jeden Schritt der Reihe nach ab. • Falls bei einem Schritt Probleme auftauchen, poste was du bereits hast und melde Dich mit dem Problembeschreiben. • Die Bereinigung ist erst beendet wenn der jeweilige Helfer das OK gibt. • Wenn die Kiste wieder flott läuft heisst das nicht, dass das Sytem auch sauber ist. • Bei geschäftlich genutzten Rechner sollte der zuständige IT Verantwortliche beigezogen werden. • Ein Support unsererseits kann unter Umständen bei einem Firmenrechner abgelehnt werden. • Bei illegaler Software besteht die Möglichkeit, dass der Support eingestellt wird. • Jegliche Cracks oder Keygens werden weder gefördert noch akzeptiert. • Bei stark infizierten Systemen vorallem wenn Backdoors oder Rootkits involviert sind kann es vorkommen, dass ein Helfer zum Neuaufsetzen rät. • In letzter Instanz ist dann immer der User welcher entscheidet. Vista und Win7 User: Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen. Schritt 1 Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf) Lade Malwarebytes Anti-Malware (ca. 2 MB) von diesem Downloadspiegel herunter: Malwarebytes * Anwendbar auf Windows 2000, XP, Vista und Windows 7. * Installiere das Programm in den vorgegebenen Pfad. * Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten. * Lasse es online updaten (Reiter Updates), sofern sich das Programm bereits auf dem Rechner befand. * Aktiviere "Komplett Scan durchführen" => Scan. * Wähle alle verfügbaren Laufwerke aus und starte den Scan. * Wenn der Scan beendet ist, klicke auf "Zeige Resultate". * Bei Funden in C:\System Volume Information den Haken entfernen. Ansonsten wird dieser Systemwiederherstellungspunkt nicht mehr funktionieren. Er könnte jedoch trotz Malware noch gebraucht werden. * Versichere Dich, dass ansonsten alle Funde markiert sind und drücke "Löschen". * Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread. * Nachträglich kannst du den Bericht unter "Scan-Berichte" finden. * Berichte, wie der Rechner nun läuft. Schritt 2 CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop • Starte bitte die OTL.exe. Vista und Win7 User mit Rechtsklick "als Administrator starten" • Kopiere nun den Inhalt in die Textbox. Code netsvcs• Schliesse bitte nun alle Programme. (Wichtig) • Klicke nun bitte auf den Quick Scan Button. • Klick auf . • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread |
|
|
||
09.11.2010, 23:52
Member
Themenstarter Beiträge: 13 |
#3
Hier das Log von Malewarebytes':
Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 5084 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 09.11.2010 22:23:42 mbam-log-2010-11-09 (22-23-42).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|H:\|I:\|J:\|) Durchsuchte Objekte: 367351 Laufzeit: 1 Stunde(n), 44 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) und die zwei von OTL: OTL logfile created on: 09.11.2010 23:14:10 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Chris\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,30 Gb Total Space | 260,54 Gb Free Space | 57,73% Space Free | Partition Type: NTFS Drive D: | 14,46 Gb Total Space | 1,99 Gb Free Space | 13,74% Space Free | Partition Type: NTFS Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010.11.09 23:09:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe PRC - [2010.11.05 01:54:57 | 000,928,496 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010.11.05 01:54:56 | 001,375,992 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010.09.06 17:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.22 08:21:19 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe PRC - [2009.08.05 10:17:31 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2009.06.09 18:50:30 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2009.03.02 11:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2009.01.26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2009.01.09 19:14:48 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2009.01.09 19:14:42 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2008.10.17 16:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008.10.17 16:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe PRC - [2008.09.26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010.11.09 23:09:49 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe MOD - [2010.08.31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\ezsvc7.dll -- (ezSharedSvc) SRV:64bit: - [2008.12.01 16:45:18 | 000,932,864 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV - [2010.11.05 01:54:56 | 001,375,992 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010.09.06 17:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.08.22 08:21:19 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security) SRV - [2009.08.05 10:17:31 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.06.09 18:50:30 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008.07.27 19:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMREDRV.SYS -- (SYMREDRV) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMDNS.SYS -- (SYMDNS) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp) DRV:64bit: - [2010.09.23 08:46:09 | 000,069,152 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd) DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.02.04 23:22:28 | 000,583,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\ccHPx64.sys -- (ccHP) DRV:64bit: - [2009.12.07 22:55:19 | 000,074,880 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:64bit: - [2009.09.10 23:51:06 | 000,172,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2009.08.22 08:21:19 | 000,476,720 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\SRTSP64.SYS -- (SRTSP) DRV:64bit: - [2009.08.22 08:21:19 | 000,402,992 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\SYMEFA64.SYS -- (SymEFA) DRV:64bit: - [2009.08.22 08:21:19 | 000,334,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\BHDrvx64.sys -- (BHDrvx64) DRV:64bit: - [2009.08.22 08:21:19 | 000,278,576 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMTDI.SYS -- (SYMTDI) DRV:64bit: - [2009.08.22 08:21:19 | 000,120,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMFW.SYS -- (SYMFW) DRV:64bit: - [2009.08.22 08:21:19 | 000,056,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMNDISV.SYS -- (SYMNDISV) DRV:64bit: - [2009.08.22 08:21:19 | 000,032,304 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2009.08.22 08:21:19 | 000,031,280 | R--- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM) DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008.12.01 18:15:04 | 005,000,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag) DRV:64bit: - [2008.08.06 17:26:08 | 000,174,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2006.09.18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs) DRV - [2010.11.05 01:55:19 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2010.10.28 18:16:10 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101109.002\EX64.SYS -- (NAVEX15) DRV - [2010.10.28 18:16:10 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2010.10.28 18:16:10 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010.10.28 18:16:10 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101109.002\ENG64.SYS -- (NAVENG) DRV - [2010.10.19 21:36:20 | 000,476,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101108.002\IDSviA64.sys -- (IDSVia64) DRV - [2008.09.26 02:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2008.09.10 02:19:36 | 000,025,888 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms -- (PCD5SRVC{8AAF211B-043E02A9-05040000}) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "http://start.icq.com/" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010.04.27 16:30:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\program files (x86)\Mozilla Firefox\components [2010.10.29 14:38:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\program files (x86)\Mozilla Firefox\plugins [2010.10.29 14:38:36 | 000,000,000 | ---D | M] [2009.04.20 17:31:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions [2010.11.08 23:58:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions [2010.05.27 16:13:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.10.29 21:38:46 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.10.30 00:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.29 21:38:34 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.04.30 16:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.04.30 16:17:12 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\a5fw8v0c.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2010.04.30 19:19:44 | 000,000,873 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\conduit.xml [2010.11.09 22:12:25 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-1.xml [2010.02.20 12:46:09 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-10.xml [2010.04.03 23:35:00 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-11.xml [2010.11.03 22:53:39 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-12.xml [2009.04.28 21:56:33 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-2.xml [2009.06.13 06:11:30 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-3.xml [2009.07.23 01:34:58 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-4.xml [2009.08.05 16:07:22 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-5.xml [2009.09.13 12:12:27 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-6.xml [2009.10.29 18:33:37 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-7.xml [2009.12.17 03:16:57 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-8.xml [2010.01.08 17:07:21 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin-9.xml [2010.06.21 15:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\a5fw8v0c.default\searchplugins\icqplugin.xml [2010.11.09 15:47:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009.04.21 00:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.03 22:07:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.18 15:17:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.10.18 15:17:51 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.10.18 15:17:51 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.10.18 15:17:51 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.10.18 15:17:51 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE File not found O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATIFCE.EXE File not found O4 - HKCU..\Run: [IcqUpdater] File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O8:64bit: - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) O8:64bit: - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001.02.27 19:09:05 | 000,000,193 | RH-- | M] () - E:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{36341037-2b7f-11de-866f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{36341037-2b7f-11de-866f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2001.02.28 22:15:51 | 000,488,864 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{36341037-2b7f-11de-866f-806e6f6e6963}\Shell\configure\command - "" = E:\SETUP.EXE -- [2001.02.28 22:15:51 | 000,488,864 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{36341037-2b7f-11de-866f-806e6f6e6963}\Shell\install\command - "" = E:\SETUP.EXE -- [2001.02.28 22:15:51 | 000,488,864 | R--- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) Drivers32:64bit: aux - wdmaud.drv () Drivers32:64bit: aux1 - wdmaud.drv () Drivers32:64bit: midi - wdmaud.drv () Drivers32:64bit: midi1 - wdmaud.drv () Drivers32:64bit: midimapper - midimap.dll () Drivers32:64bit: mixer - wdmaud.drv () Drivers32:64bit: mixer1 - wdmaud.drv () Drivers32:64bit: msacm.imaadpcm - imaadp32.acm () Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm () Drivers32:64bit: msacm.msadpcm - msadp32.acm () Drivers32:64bit: msacm.msg711 - msg711.acm () Drivers32:64bit: msacm.msgsm610 - msgsm32.acm () Drivers32:64bit: vidc.i420 - iyuv_32.dll () Drivers32:64bit: vidc.iyuv - iyuv_32.dll () Drivers32:64bit: vidc.mrle - msrle32.dll () Drivers32:64bit: vidc.msvc - msvidc32.dll () Drivers32:64bit: vidc.uyvy - msyuv.dll () Drivers32:64bit: vidc.yuy2 - msyuv.dll () Drivers32:64bit: vidc.yvu9 - tsbyuv.dll () Drivers32:64bit: vidc.yvyu - msyuv.dll () Drivers32:64bit: wave - wdmaud.drv () Drivers32:64bit: wave1 - wdmaud.drv () Drivers32:64bit: wavemapper - msacm32.drv () Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation) Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation) Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation) Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation) Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation) Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation) Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation) Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010.11.07 18:36:02 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\WWWWWT [2010.11.07 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Lebenslauf [2010.11.02 01:30:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Sunbelt Software [2010.11.02 01:29:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097} [2010.11.02 01:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2010.11.02 01:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2010.11.01 23:10:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes [2010.11.01 23:09:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.11.01 23:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.11.01 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.10.30 00:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2010.10.29 15:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2010.10.29 15:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2010.10.29 15:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2010.10.29 14:43:10 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Symantec [2010.10.23 04:21:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\KUNSTPP [2010.10.21 01:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010.11.09 22:52:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.09 21:47:37 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.09 21:47:37 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.09 15:49:26 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.11.09 15:49:26 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.11.09 15:49:07 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.09 15:48:56 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010.11.09 15:47:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.09 15:47:26 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys [2010.11.08 17:53:00 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010.11.06 18:24:58 | 001,445,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.11.06 18:24:58 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.11.06 18:24:58 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.11.06 18:24:58 | 000,126,248 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.11.06 18:24:58 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.11.05 01:55:19 | 000,049,752 | ---- | M] () -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.11.02 01:29:57 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.11.01 23:09:41 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.31 16:07:01 | 000,001,771 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010.10.31 16:07:00 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2010.10.30 00:32:47 | 000,001,665 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.10.29 18:00:25 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job [2010.10.27 17:58:17 | 000,000,817 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk [2010.10.21 14:26:52 | 000,337,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.10.21 01:51:43 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI [2010.10.21 01:49:56 | 000,001,912 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010.11.08 15:52:09 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010.11.05 14:07:26 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe [2010.11.05 01:55:26 | 000,049,752 | ---- | C] () -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.11.02 01:39:56 | 000,069,152 | ---- | C] () -- C:\Windows\SysNative\drivers\Lbd.sys [2010.11.02 01:29:57 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.11.01 23:09:41 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.01 23:09:25 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys [2010.10.30 00:32:47 | 000,001,665 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.10.29 15:26:36 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2010.10.29 15:26:36 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2010.10.27 16:07:35 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010.10.27 16:07:35 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2010.10.21 01:51:43 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.10.21 01:49:56 | 000,001,912 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010.10.14 02:15:55 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll [2010.10.13 16:19:56 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll [2010.10.13 16:19:36 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll [2010.10.13 16:19:23 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL [2010.10.13 16:17:43 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll [2010.10.13 16:17:37 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll [2010.10.13 16:17:19 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010.10.13 16:16:58 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010.10.13 16:16:56 | 005,692,928 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010.10.13 16:16:51 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010.10.13 16:16:45 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010.10.13 16:16:40 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010.10.13 16:16:39 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010.10.13 16:16:37 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010.10.13 16:16:36 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll [2010.10.13 16:16:35 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010.10.13 16:16:34 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010.10.13 16:16:33 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010.10.13 16:16:30 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010.10.13 16:16:30 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010.10.13 16:16:29 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll [2010.10.13 16:16:29 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010.10.13 16:16:28 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010.10.13 16:16:27 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll [2010.10.13 16:15:56 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys [2010.10.13 16:15:56 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll [2010.10.13 16:15:56 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys [2010.10.13 16:15:55 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys [2010.10.13 16:15:53 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll [2010.10.13 16:15:52 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll [2010.10.13 16:14:41 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll [2010.10.13 16:14:02 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll [2010.05.30 16:52:46 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.05.30 16:52:22 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.01.01 23:04:21 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2009.12.21 20:47:49 | 000,172,032 | ---- | C] () -- C:\Windows\WsBtn.dll [2009.07.15 07:16:18 | 000,008,192 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.04.22 02:03:06 | 000,243,346 | ---- | C] () -- C:\Users\Chris\AppData\Local\tmpWOWSCRNSHOT_042209_014616.0 [2009.04.22 02:03:06 | 000,179,017 | ---- | C] () -- C:\Users\Chris\AppData\Local\tmpWOWSCRNSHOT_042209_014616.JPG [2009.04.20 17:56:54 | 000,419,090 | ---- | C] () -- C:\Users\Chris\AppData\Local\dd_vcredistMSI7B5D.txt [2009.04.20 17:56:54 | 000,017,306 | ---- | C] () -- C:\Users\Chris\AppData\Local\dd_vcredistUI7B5D.txt [2009.04.17 19:49:20 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat [2009.04.17 19:46:13 | 000,000,732 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps64.dat [2009.02.10 22:42:41 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll [2009.02.10 22:42:41 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll [2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [color=#E56717]========== LOP Check ==========[/color] [2009.04.20 20:09:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Acreon [2010.01.16 09:44:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2010.04.30 16:17:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.19 16:45:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\EPSON [2010.02.08 19:51:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FOG Downloader [2010.07.01 19:24:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\gtk-2.0 [2010.11.09 01:22:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ICQ [2010.07.01 19:00:03 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\IrfanView [2010.05.16 01:05:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LolClient [2009.04.20 18:18:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org [2010.08.08 19:02:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SlideRocketPlayer.62C1F915F5A6BA2BA0761B85080AA90D2A2F76E2.1 [2010.03.29 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TS3Client [2010.11.09 15:48:56 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2010.10.29 18:00:25 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job [2010.11.09 01:23:22 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2010.11.09 15:47:19 | 000,001,340 | ---- | M] () -- C:\aaw7boot.log [2008.01.21 03:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2009.02.11 06:39:27 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2010.11.09 15:47:26 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys [2005.09.23 00:39:38 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll [2010.11.09 15:47:24 | 3533,062,144 | -HS- | M] () -- C:\pagefile.sys [2009.02.10 23:17:21 | 000,000,361 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< %systemroot%\system32\*.wt >[/color] [color=#A23BEC]< %systemroot%\system32\*.ruy >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2006.11.02 16:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2006.11.02 16:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2006.11.02 16:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2006.11.02 16:06:41 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2006.09.18 22:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color] [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.scr >[/color] [color=#A23BEC]< %systemroot%\*._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2008.01.21 04:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %APPDATA%\Update\*.* >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2008.01.21 03:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll [color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color] [2006.11.02 10:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\SysWOW64\ws2help.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SysWOW64\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SysWOW64\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe [2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe [2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe [2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe [2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe [2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\explorer.exe [2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe [2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe [2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe [2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe [2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008.01.21 03:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe [2008.01.21 03:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe [2008.01.21 03:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2008.01.21 03:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe [2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe [2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] < End of report > OTL Extras logfile created on: 09.11.2010 23:14:10 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Chris\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,30 Gb Total Space | 260,54 Gb Free Space | 57,73% Space Free | Partition Type: NTFS Drive D: | 14,46 Gb Total Space | 1,99 Gb Free Space | 13,74% Space Free | Partition Type: NTFS Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\program files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" () piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l () scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E4298CB-C761-445A-A417-49474FE73371}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{22985D2A-0F08-437D-B378-B2C3AF66AE33}" = lport=8377 | protocol=6 | dir=in | name=league of legends launcher | "{2A0C7D68-4D43-452E-BE7F-D8DDB3397311}" = lport=6891 | protocol=17 | dir=in | name=league of legends launcher | "{3A05DB7B-9B43-4EA9-A369-C494F9FF2283}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{3B9CE292-C83E-4DE7-AFE7-46E48A5734B9}" = lport=6891 | protocol=6 | dir=in | name=league of legends launcher | "{9619EFBB-68E4-4E24-84E0-7B2192C883C8}" = lport=8378 | protocol=17 | dir=in | name=league of legends launcher | "{99FCABE0-571A-428E-83E4-8AD37E82C537}" = lport=8378 | protocol=6 | dir=in | name=league of legends launcher | "{CD64ECFA-4767-4062-A16C-7BDA915A642C}" = lport=8377 | protocol=17 | dir=in | name=league of legends launcher | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02D52A55-9959-46CA-A547-512CA5689113}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-dede-downloader.exe | "{0504D2C9-2F36-46AB-8283-C38F72F44410}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{0A7E1AD8-6CFF-4594-A32B-FB875D64996D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{0EF98C30-2D66-4249-8A97-BDBADF6BA1A9}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{10E60938-79F6-4866-858C-48131311787D}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\client.exe | "{1172923C-D5C5-4EC6-9900-E3AFF44BCF75}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10048-to-0.2.0.10072-dede-downloader.exe | "{1294767B-65D1-4D6F-B8FF-2BE791BFFADA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{1398670A-E2D7-428C-B911-CFB3D24FCA7B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{15C8FC63-F429-450C-9F72-AD37EA68164A}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.patch.exe | "{16045E56-9483-48F7-AADA-503E84321830}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{17FFAB2A-681A-4691-A09E-EE2B56C61EB3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{19570F5D-C4E4-442D-BB61-36AFFA4DDFEF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{1DC00560-00DE-47CD-9F8E-06F03EC074CD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{1F6D1F6A-E074-4B62-9AC1-76F1974D4DCC}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{1FD8249F-AD74-45BD-9E7D-55E7F8E58501}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-dede-ptr-downloader.exe | "{2453BCFA-2272-4155-8A0B-6CB1D1591215}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{26ECDC0F-C6F6-45AD-8A0D-DCE42F7F4248}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{2960FB65-3E39-4F87-804E-3D2A639C2E1E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{2CA3DCDD-5552-4210-B7AE-E70C63C85C31}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{31D15ADB-99B5-40B9-96A2-B980F53B1A50}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe | "{36E9FFD4-C77E-41C0-B741-D78A59DCD20C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{3BEC80D5-56C5-4507-ACF6-23C6A51704F9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{3D0D8102-C7E9-4635-8404-543E844F1E64}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{3EE5EF01-C154-42CA-9714-D9109C5B3A53}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-dede-downloader.exe | "{41E62B89-8A1D-464A-8978-BA70D38772F2}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe | "{44316D2C-74E3-4D3A-ADBC-4B54D116EEC1}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe | "{49856E35-EFA1-4083-8146-4E2A85332F71}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{55FFA4E6-A9CA-4C80-BC9D-1F6AF13B05C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{6883D6D9-D8C0-4A4C-8939-26E5EFDCC014}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{6C6272BE-B691-49B7-88E7-57402D5FAEF9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | "{6ECAAA07-1A58-40B7-9476-71C7B6B93C47}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe | "{6F331DDF-D587-464B-AFFB-1C19435DD5DE}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{7313A8CB-C2DD-40B6-9632-8A8F95C5A9B9}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe | "{77659CA2-C544-4927-999A-78104E4018F5}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | "{85ECDE26-0754-47CE-A024-82FF03706B4B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{86C93215-693C-47F4-8993-AAE80C04F980}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\client.exe | "{875E53D9-D2EA-4754-BC6B-5E587A3B4FA2}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{89E57DCA-339E-4F2C-AD6F-A022A4261A01}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{9078C546-E32A-4FA5-B987-75851A00A66D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{9377212C-D565-45F8-81F8-13E4B32BE9F0}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.patch.exe | "{994A49C4-049E-4064-A44D-F98CB437AC92}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.2.10257-dede-ptr-downloader.exe | "{9AB3D316-804E-4F55-BBAD-5B06C8417A32}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-dede-downloader.exe | "{A9D2F026-AA7C-4D6D-8F55-817A27BF5C48}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{AC678B75-980B-4218-A854-91253EB8F838}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{B263996A-01F1-4B18-BA94-070840C1E050}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{B2991EE7-547C-49FA-AB88-B62124F06821}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{B4193936-4873-4B37-9F97-A24BCFDDFC5A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{B4E7C931-82F9-4F41-9C61-581D4C2705FC}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | "{BB6C5927-8EDE-4479-901B-6297EC26BFDB}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\client.exe | "{BF34E106-E9EF-4938-B31A-E9E4000BC9BB}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{C7CD15BA-D8D5-4EA5-BE71-A9C125C5DAA0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{CAFD2249-C76F-4217-97A4-23A9D17DAB04}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\client.exe | "{CCE1A447-25F3-49EE-A7D9-77AC65E5E9D8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{CE9D4BFE-6309-47A7-A77D-C69D8A0726D6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D1472DEA-57FF-484E-8D3C-0E5B9FEE0DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{D42EEC35-3083-46A4-BF83-1D933463FA0F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{D675C4D2-3273-470E-8001-47F0F2B95C19}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{D8DFE438-D1B5-48E7-9668-517B29B8E3C8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe | "{D8FDF1A6-E573-4FF5-BCC8-DCC7E45475B6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{D91646AB-CD1A-4B28-A7E6-7A90001004AB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10083-to-0.2.0.10116-dede-downloader.exe | "{DE70A69F-78C7-4FD3-B7E5-98F4B13E28AF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E2CDD62A-3730-4827-8FA0-63D31FEA2D90}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe | "{EB0DFAF4-7A72-4BB7-9C2F-D7028385256A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{EBFCFD51-206F-428A-AFB4-4BCE43AF8E3C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe | "{F91C4B4C-3D8E-40FD-9652-FD8FBF054E55}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.2.0.10072-to-0.2.0.10083-dede-downloader.exe | "{F991816D-581C-441F-99D8-75EFACE14C6E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{FD682628-AA9E-4463-A247-97EE409893AE}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe | "TCP Query User{0BAC2C02-9380-47D9-B407-AEC6827F688A}C:\users\public\games\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.exe | "TCP Query User{0F4B7B0B-5320-43C8-AD2A-31F526A2163C}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe | "TCP Query User{1020FBFE-A504-4CDE-8BCB-D0571C8DF84F}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe | "TCP Query User{1D0A9D54-DCF8-43DB-AA93-DB5C51832E3F}C:\users\chris\desktop\blblabla test\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=c:\users\chris\desktop\blblabla test\world of warcraft public test\launcher.exe | "TCP Query User{1DAA4D8E-B42D-4F26-AD89-39B92A6CBAC9}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "TCP Query User{20B02C25-C384-41DD-976E-2B77203AF6B5}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe | "TCP Query User{453DF02D-816F-4857-827F-DD72CB7670FD}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{4F599CB6-B4C4-4C13-AE73-A2AE02EE4AEE}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "TCP Query User{552CAE13-37C9-4F92-92E8-56E5B36BC14A}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | "TCP Query User{5697A5B2-80BD-45C7-BBAB-7907BAE5CB5F}C:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader(2).exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader(2).exe | "TCP Query User{60B65A55-033D-4926-857B-85D4515565D6}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "TCP Query User{678F25A6-79C4-42AB-B59F-4C1ED2BA3E75}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "TCP Query User{72440EE1-08D2-4E67-BE5E-E02136CFA750}C:\users\public\games\world of warcraft public test\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft public test\blizzard downloader.exe | "TCP Query User{790EF8E1-3B70-4483-86AD-B9F3153728C4}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | "TCP Query User{7DE9A4F7-BB17-4278-9447-6EDE5047CA58}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "TCP Query User{7F6C6369-1911-4F1E-9F3B-1B2AC292B25F}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "TCP Query User{8269A9FF-2E36-4E4A-8590-4FF0B456951C}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | "TCP Query User{8C384E0C-2DA4-4FED-BC06-6AE355B3780B}C:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader.exe | "TCP Query User{8F24A78A-A262-4996-9863-1F95967872B6}C:\users\chris\downloads\eudownloader.exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\eudownloader.exe | "TCP Query User{8FE7B9ED-7201-42CE-B10A-90BB710F06AB}C:\users\chris\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\fogdownloader-rom_2_1_0_1871.exe | "TCP Query User{A514D244-0106-4C20-A3AE-A1571FA7C688}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "TCP Query User{AEAD091C-0A54-4F47-828C-380C50B22217}C:\users\public\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "TCP Query User{B3CF5669-7BCE-4BB0-B212-32CC0BF53298}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "TCP Query User{BB283EE0-E15F-45D6-910D-26DE5C7C4891}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "TCP Query User{BF41017F-C110-43EC-9C70-63A8F5574758}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "TCP Query User{C658F950-4D80-4B4F-BEF5-EEDF724FC381}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | "TCP Query User{E0E69DE4-1506-4A6F-8A1E-6BE12CC6BDE2}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{E83E242C-8C68-45B4-8F42-50EB1B1FA772}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "TCP Query User{E8D389F3-809E-4535-B5E4-7BB22FF2C8B5}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=6 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | "TCP Query User{F6E94BFB-76CA-4E74-AC7F-7E0A836CFCA0}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe | "UDP Query User{14D362A3-5122-4242-B85E-8EF8B0E46134}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "UDP Query User{1BA7FE32-47D8-492F-94D4-B2FCFB8A389F}C:\users\public\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\repair.exe | "UDP Query User{1D8C8683-69CA-4469-821E-DFF1A8CF3827}C:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader.exe | "UDP Query User{1DA65870-A520-4702-9759-F0866B122842}C:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader(2).exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\ptr-installer-4.0.0.12824-dede-downloader(2).exe | "UDP Query User{3F819643-43D1-4DDD-9C2C-E9E52351F3BE}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{441ECFDA-E6AE-44B5-9E1D-9A2FC2E43578}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "UDP Query User{58982497-7B3E-4F00-8650-4F6DE1D9B12F}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe | "UDP Query User{5F1E876D-40C6-4A84-BC7D-5F3616A46490}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{6BDF5305-DAE7-418C-B47E-1CC04325E858}C:\users\chris\desktop\blblabla test\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=c:\users\chris\desktop\blblabla test\world of warcraft public test\launcher.exe | "UDP Query User{77ABE7CC-49C9-457E-9E4E-0B76D71AFD6D}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | "UDP Query User{7890439F-7A90-4035-B926-3BF2C16575F6}C:\users\chris\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\fogdownloader-rom_2_1_0_1871.exe | "UDP Query User{7A4735F6-EDAC-41B8-9050-19E1487EF5A9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "UDP Query User{861BD36A-492B-4069-AEDF-312999D91E39}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | "UDP Query User{94145F77-C322-4FE7-BF12-AEEA650E17D9}C:\users\chris\downloads\eudownloader.exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\eudownloader.exe | "UDP Query User{94500B41-D0E2-4F29-B4BA-B9B51DDE5256}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-dede-downloader.exe | "UDP Query User{A0EECB01-BE6C-43E1-8FEF-B16A9EA09303}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe | "UDP Query User{A603B3AC-EA45-46E6-89DC-A677F108679D}C:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.10958-to-3.3.0.11159-dede-downloader.exe | "UDP Query User{AF1B3F20-9F73-4944-9134-F45C7BAA6A15}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "UDP Query User{AFC85383-86DE-4612-9697-87D0190B2478}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{B21E90C5-9011-48FB-A432-BF8E769CD945}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.1987-enus-tools-downloader.exe | "UDP Query User{B48B3275-BEDE-41C6-83F7-2BB36E630BFB}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-dede-downloader.exe | "UDP Query User{BAF230E5-FB5F-4109-87F8-1BB24D8859C9}C:\users\public\games\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft public test\launcher.exe | "UDP Query User{D6610F76-77FD-4148-AF8F-EABB8FC9F05F}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-dede-downloader.exe | "UDP Query User{DF0B1B12-04AA-4B38-980F-031BCB856F1A}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "UDP Query User{E5340E1B-60CE-41BB-B518-D417D4D92F91}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "UDP Query User{E881C993-4D9E-46AB-B1CE-15D93A60E842}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | "UDP Query User{EE0C30D3-83A7-4D51-B0A6-43A647ECFB3C}C:\users\public\games\world of warcraft public test\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft public test\blizzard downloader.exe | "UDP Query User{F0A69E21-E2D1-46C3-8D87-9F6D15D8C322}C:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "UDP Query User{FCA5EFFF-302E-4E6F-A513-925751270719}C:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=17 | dir=in | app=c:\users\chris\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | "UDP Query User{FD60D248-914A-4CA9-B467-D2E4552B9060}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes "{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{A78488FA-7375-6587-86C3-559337D9B4FF}" = ATI Catalyst Install Manager "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu "{E1388CF2-54B0-E3E4-4CEB-A9895BA4EA27}" = ccc-utility64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "OfficeTrial" = Testversion von Microsoft Office Home and Student 2007 "PC-Doctor for Windows" = Hardware Diagnose Tools "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In "{08853961-8B12-DB95-7608-F4636C4CFE12}" = CCC Help Korean "{122EF51E-D828-4A14-7217-EC46B6A2E701}" = CCC Help Finnish "{14807B66-F422-9958-2CC0-CCB4DADFCEE3}" = Catalyst Control Center Localization French "{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor "{1605A118-BEDF-1187-B1CF-CDFCE31B3A78}" = CCC Help Dutch "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18FEDE6B-FE28-D727-3DC1-6C77F8B0272C}" = Catalyst Control Center Localization Norwegian "{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal "{1AA2AD55-9430-B2B5-6181-68A4231EEB91}" = Catalyst Control Center Localization Czech "{1C896BC6-9AAA-B01F-196F-547028218416}" = CCC Help Italian "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{1FD0609F-5FD1-7DE4-1BB1-825819C39620}" = Catalyst Control Center Localization Polish "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13 "{2C33926E-9468-A9DD-0739-1708BF2A4070}" = Catalyst Control Center InstallProxy "{307B9721-1061-7D2E-0B46-1CAAEE98DB0A}" = CCC Help Chinese Traditional "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3309D316-FDE0-E139-CCCB-3F1619F423ED}" = CCC Help Russian "{370946F6-D031-4C53-5847-9DE9FE2C0B68}" = CCC Help Swedish "{37FA68A4-2EB2-FE54-8F4F-54F7DE0C3F41}" = CCC Help German "{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3BF431FD-5F29-2032-D876-02768D1008D6}" = CCC Help Turkish "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective "{4A05A1F3-BFF4-5483-CA74-E5F0E147DD2D}" = CCC Help Norwegian "{4AA5B387-BE2F-2D23-469C-F8EC64D491F1}" = CCC Help Danish "{4AFE4879-30B6-C774-CF1B-30EDEE253E3C}" = CCC Help Chinese Standard "{5297431A-FA6F-3FD5-93EA-33544C7A718E}" = ccc-core-static "{55FE3A90-D74E-6BA3-351A-D0072AFF9A16}" = CCC Help French "{58831810-F382-B7A5-07B2-080423355BB5}" = CCC Help Japanese "{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{66EAC32B-2722-30A9-D516-F920319466B6}" = CCC Help Thai "{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2 "{6DBD8102-4CFB-CE2B-E618-FFBF0E926312}" = Catalyst Control Center Localization Portuguese "{6F38F4AC-6EB8-3243-6BB9-645A6175E3F3}" = Catalyst Control Center Localization Chinese Standard "{70AF9C60-3DB7-C02A-122C-047DBA2A9FE5}" = CCC Help Czech "{713B8EE5-F20D-8D0B-16E9-AE741D4659BF}" = Catalyst Control Center Localization Swedish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{745670AF-84D3-A0CA-D037-557E00373014}" = CCC Help Polish "{75F7B30D-A1B9-332B-6C4C-CA7B39A69211}" = CCC Help Portuguese "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{779B73C4-4160-27AB-3D43-83B6F339CCBE}" = CCC Help Hungarian "{79E63B87-F29F-066E-7013-8F0769614549}" = Catalyst Control Center Graphics Full New "{7D09765B-DF77-203D-5358-0C97C0A5898B}" = Catalyst Control Center Graphics Previews Vista "{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0 "{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92E028EF-6CCD-CD95-125B-1BBA5AA57A33}" = Catalyst Control Center Localization Dutch "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95C5F81D-0779-4932-BE83-32AAF814F4B9}" = League of Legends "{95CE37C8-0D35-1EE6-33AA-EDBA28B0F3E9}" = Catalyst Control Center Localization Chinese Traditional "{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{99BD7651-9E95-9542-41B7-41B99CA3DD48}" = CCC Help English "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D16B1EB-2F03-9302-97D6-C9D622F8FC5C}" = Catalyst Control Center Core Implementation "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS "{A08BA9AA-6F28-5E55-60C2-EE0B096C3B7C}" = Catalyst Control Center Localization Hungarian "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93848B3-3940-822A-DE0B-7F8A60AE5FB5}" = Catalyst Control Center Localization Spanish "{ACEE96E7-7EA5-19C3-77ED-1FDCFDB02A3A}" = Catalyst Control Center Localization Greek "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B904626A-310C-C6BF-7D6F-238A3038AE7A}" = Catalyst Control Center Graphics Previews Common "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C73C1DD5-AC29-EAF0-F96E-D41D60FB30D5}" = CCC Help Spanish "{C7C3D205-6D44-AB3B-6D38-0ECEC166A924}" = Catalyst Control Center Localization Thai "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1123A5E-4E88-5966-907E-AF485812D999}" = SlideRocket Player "{D18F60EA-D4D8-8D3D-BB73-F5B0AFF4D8AC}" = Catalyst Control Center Localization Danish "{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1 "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DAF7BA5A-5281-7BE9-8328-FA715326DF22}" = Catalyst Control Center Localization Korean "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DDFCFD50-08CF-BC9A-01EA-F3EFE679F32E}" = Catalyst Control Center Localization Finnish "{DE79C60C-95A0-D037-7A6F-960BEEF8E700}" = Catalyst Control Center Localization Russian "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E79945AB-C672-48F3-8BC3-E57FE021DFF9}" = Catalyst Control Center - Branding "{E7EC48FF-82A9-1AAD-B418-B54C55EF65B4}" = Catalyst Control Center Localization German "{E829578C-7019-C5F3-D7E6-8A898DD092A1}" = Catalyst Control Center Graphics Light "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition "{ED216124-3A28-AD73-A62E-D8B03C6C9FA3}" = CCC Help Greek "{EF6E6BB2-8729-113C-86EF-3FBF199EBF23}" = Skins "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F250533B-50C9-2A5D-E5BF-070E361A7139}" = Catalyst Control Center Localization Turkish "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FA7F121D-6D96-339D-DC77-734C3CEEBDB0}" = Catalyst Control Center Localization Italian "{FC04653D-D1B5-E01F-5175-1B1A3D0B17C6}" = Catalyst Control Center Localization Japanese "{FCA14396-813A-37AD-E417-31DC93A4849B}" = Catalyst Control Center Graphics Full Existing "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AOL Toolbar" = AOL Toolbar 5.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "EPSON Scanner" = EPSON Scan "Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "Google Chrome" = Google Chrome "ICQToolbar" = ICQ Toolbar "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "IrfanView" = IrfanView (remove only) "League of Legends_is1" = League of Legends "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "NIS" = Norton Internet Security "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "SlideRocketPlayer.62C1F915F5A6BA2BA0761B85080AA90D2A2F76E2.1" = SlideRocket Player "StarCraft II" = StarCraft II "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Uninstall_is1" = Uninstall 1.0.0.1 "Warcraft III" = Warcraft III "WildTangent hp Master Uninstall" = My HP Games "WinGimp-2.0_is1" = GIMP 2.6.9 "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "XnView_is1" = XnView 1.97.4 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "538e2a4af313161a" = FasterPing "Warcraft III" = Warcraft III: All Products [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 29.10.2010 13:43:31 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 29.10.2010 13:43:31 | Computer Name = Chris-PC | Source = Perflib | ID = 1010 Description = Error - 29.10.2010 13:43:31 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 29.10.2010 13:43:31 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 29.10.2010 13:43:31 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 29.10.2010 13:43:32 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 29.10.2010 13:43:32 | Computer Name = Chris-PC | Source = Perflib | ID = 1005 Description = Error - 29.10.2010 13:43:32 | Computer Name = Chris-PC | Source = Perflib | ID = 1018 Description = Error - 29.10.2010 13:43:33 | Computer Name = Chris-PC | Source = Perflib | ID = 1008 Description = Error - 30.10.2010 10:09:54 | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 08.11.2010 08:18:53 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7016 Description = Error - 08.11.2010 10:49:19 | Computer Name = Chris-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 08.11.2010 10:49:28 | Computer Name = Chris-PC | Source = HTTP | ID = 15016 Description = Error - 08.11.2010 10:50:07 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7026 Description = Error - 08.11.2010 11:06:15 | Computer Name = Chris-PC | Source = BROWSER | ID = 8032 Description = Error - 09.11.2010 10:47:29 | Computer Name = Chris-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 09.11.2010 10:47:38 | Computer Name = Chris-PC | Source = HTTP | ID = 15016 Description = Error - 09.11.2010 10:47:58 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7026 Description = Error - 09.11.2010 10:52:43 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022 Description = Error - 09.11.2010 11:04:09 | Computer Name = Chris-PC | Source = BROWSER | ID = 8032 Description = < End of report > |
|
|
||
10.11.2010, 18:57
Moderator
Beiträge: 5694 |
#4
Schritt 1
Teatimer abstellen Mit laufendem TeaTimer von Spybot Search&Destroy lässt sich keine Reinigung durchführen, da er alle gelöschten Einträge wiederherstellt. Der Teatimer muss also während der Reinigungsarbeiten abgestellt werden (lasse den Teatimer so lange ausgeschaltet, bis wir mit der Reinigung fertig sind): Starte Spybot S&D => stelle im Menü "Modus" den "Erweiterten Modus" ein => klicke dann links unten auf "Werkzeuge" => klicke auf "Resident" => das Häkchen entfernen bei Resident "TeaTimer" (Schutz aller Systemeinstellungen) => Spybot Search&Destroy schließen => Rechner neu starten. Bebilderte Anleitung. Schritt 2 Deine Javaversion ist veraltet. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, muss Java aktualisiert werden und alte Versionen müssen vom System entfernt werden, da die alten Versionen ein Sicherheitsrisiko darstellen. Lade JavaRa von prm753 herunter und entpacke es auf den Desktop. JavaRA ist geeignet für Windows 9x, 2k, XP und Vista (mit deaktivierter Benuterkontensteuerung). • Schließe alle Browserfenster. • Doppelklicke die JavaRa.exe, um das Programm zu starten. • Die Sprache auswählen, nimm Englisch und klicke "Select". • Klicke auf Additional Task, mache Haken bei Remove Useless JRE Files und Remove Sun Download Manager[b].• Klicke auf [b]Go und jeweils auf Ok und schließe das Fenster "Additional Tasks" wieder.• Klicke auf Remove Older Versions, um alte Java-Versionen, die auf dem Rechner installiert sind, zu entfernen. • Klicke auf Yes wenn es verlangt wird. Wenn JavaRa fertig, erscheint eine Notiz, dass ein Logfile erstellt wurde, klicke OK. • Das Logfile wird im Editor geöffnet, bitte speichern und später hier posten. • Kontrolliere in Systemsteuerung => Programme, ob noch Java-Versionen vorhanden sind und deinstalliere diese.• Rechner neu starten.Downloade nun Java (Java Runtime Environment (JRE) 6 Update 22) von Oracle und installiere es. Vor dem Download musst Du die Lizenzbedingungen akzeptieren, indem Du "Accept License Agreement" aktivierst. Erweiterte Optionen anhaken, Sponsoren-Programm (Toolbar oder ähnliches) ggfs. abwählen. Schritt 3 Fixen mit OTL • Starte die OTL.exe. • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen. • Kopiere folgendes Skript: Code :OTL• und füge es hier ein: • Schließe alle Programme. • Klicke auf den Fix Button. • Klick auf . • OTL verlangt einen Neustart. Bitte zulassen. • Nach dem Neustart findest Du ein Textdokument. Kopiere den Inhalt hier in Code-Tags in Deinen Thread. Schritt 4 ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten. Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten. • Dein Anti-Virus-Programm während des Scans deaktivieren. • Button drücken.Firefox-User: Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren. • IE-User: müssen das Installieren eines ActiveX Elements erlauben. • Setze den einen Hacken bei Yes, i accept the Terms of Use. • Drücke den Button. • Warte bis die Komponenten herunter geladen wurden. • Setze einen Haken bei "Remove found threads" und "Scan archives".• drücken. • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch. Wenn der Scan beendet wurde • Klicke Finish.• Browser schließen. • Explorer öffnen. • C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen. • Logfile hier posten. |
|
|
||
11.11.2010, 03:37
Member
Themenstarter Beiträge: 13 |
#5
Java Log:
Code JavaRa 1.16 Removal Log.(Java Runtime Environment (JRE) 6 Update 22) lässt sich allerdings nicht installieren, weil eine "DLL" nicht ausgeführt werden kann. OTL: Code All processes killedESET: Code ESETSmartInstaller@High as downloader log: |
|
|
||
11.11.2010, 18:49
Moderator
Beiträge: 5694 |
||
|
||
11.11.2010, 21:32
Member
Themenstarter Beiträge: 13 |
#7
Zuerst die Online Version, nachdem diese nicht funktionierte hab ichs mit der Offline Version versucht.
|
|
|
||
12.11.2010, 13:24
Moderator
Beiträge: 5694 |
#8
Welche Fehlermeldung kommt genuau?
|
|
|
||
12.11.2010, 14:05
Member
Themenstarter Beiträge: 13 |
#9
Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden sie sich an das Supportpersonal oder den Hersteller des Pakets.
|
|
|
||
12.11.2010, 14:32
Moderator
Beiträge: 5694 |
#10
Schau mal ob Du alle altene Java Versionen entfernt hast aus der Software.
|
|
|
||
12.11.2010, 17:46
Member
Themenstarter Beiträge: 13 |
#11
Müsste eigentlich alles runter sein, jedenfalls finde weder ich noch JavaRa ältere Versionen. Habs JavaRa auch mehrmals suchen lassen und den TeaTimer von Spybot S&D dabei ausgeschaltet.
Ich kann allerdings noch Youtube-Videos ansehen, heißt das, ich hab doch etwas übersehen, oder hängt das damit nicht zusammen? |
|
|
||
12.11.2010, 18:08
Moderator
Beiträge: 5694 |
#12
Nein hängt es nicht
Hmmm..... Was wird hier angezeigt: http://www.java.com/de/download/installed.jsp |
|
|
||
12.11.2010, 22:54
Member
Themenstarter Beiträge: 13 |
#13
Zitat Dieser Artikel gilt für: |
|
|
||
13.11.2010, 14:34
Moderator
Beiträge: 5694 |
#14
Und hast Du das gemacht was dort steht?
|
|
|
||
13.11.2010, 16:22
Member
Themenstarter Beiträge: 13 |
#15
Ich habs versucht, bin aber nich wirklich weitergekommen.
1. Aktivieren von Java über den Web-Browser. Zitat Sonstige Web-Browser Firefox 0.8 und höherIch benutze Mozilla Firefox, nachdem ich zu "Einstellungen" gelangt bin, gibt es keinen Dialog "Optionen" 2. Aktivieren von Java über das Control Panel des Java Plug-ins. Zitat Öffnen Sie in Windows zunächst die Systemsteuerung, um zu prüfen, ob Ihr Browser Java Runtime Environment (JRE) unterstützt. Wählen Sie im Startmenü Einstellungen und dann Systemsteuerung aus, um die Systemsteuerung zu öffnen. In der Systemsteuerung sollte das Java-Logo mit der Kaffeetasse angezeigt werden.Ich habe ein weißes Blatt, woneben dann "Java" steht. Diese Anwendung kann allerdings nicht ausgeführt werden, wenn ich draufklicke. 3. Leeren des Web-Browser-Caches Hier gibt es nur Anweisungen für Internet Explorer 4.x und höher, Netscape 4.x und höher, Mozilla 1.x und höher, Opera, AOL 3.x und höher. |
|
|
||
ich bin vor nicht langer Zeit einem Keylogger zum Opfer gefallen und habe den Verdacht, dass mein PC virenverseucht ist. Meine üblichen Virenschutzprogramme (Avira, Spybot und Norton) haben nichts gefunden und auch andere, zusätzlich gedownloadete Programme konnten keine Klarheit verschaffen.
Das Problem ist, dass ich mein Passwort auf keiner befremdlichen Seite eingegeben habe, ein Passwortraub also theoretisch nur über einen Virus stattfinden konnte (der nun nicht zu finden ist). Da ich mich mit solchen Themen nicht sonderlich gut auskenne, habe ich mir von einem Freund dieses Programm ans Herz legen lassen und bitte euch hiermit, mal mein folgendes Log zu überprüfen.
Danke im Vorraus.
Liebe Grüße.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:42, on 08.11.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
c:\Users\Chris\Downloads\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S6B09.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IcqUpdater] "C:\Users\Chris\AppData\Local\Temp\IcqUpdater.exe" update 4024 Global\MMutexLib_Global_AppInstance_YzpccHJvZ3JhfjJcaWNxNy4yXGljcS5leGU "C:\Program Files (x86)\ICQ7.2\updates\downloaded" "C:\PROGRA~2\ICQ7.2\ICQ.exe noupdate=1" autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1ca49528372a5f) (gupdate1ca49528372a5f) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14179 bytes