![]() |
|
Plagegeister aller Art und deren Bekämpfung: gvu 2.07 Befall entfernen Windows 7. aber wie?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() | #1 |
![]() | ![]() gvu 2.07 Befall entfernen Windows 7. aber wie? Hallo Forum, Ziert einmal super das es eine solche Page mit Hilfe gibt und zum zweiten, sorry für die Rechtschreibung, Nähe alles grade von Handy. Also mein Problem ist, ich hatte heute den gvu Befall, wohl die neuste Version wegen dem videofenster. Habe mir über den anderen pc Kaspersky rescue geladen und gestartet, da allerdings keine Funde bei un Dr Eingabe von disabletaskmgr gefunden wurde, war das Problem noch da. Habe dann den letzen systemwiederherstellungspunkt gewählt und war wieder im Rennen. Dann noch anti marlware, cccleaner, spybot, Java Update und noskript durchlaufen lassen, ohne einen fund. Denke aber das wie bei jeder Art von Virus noch Reste drauf sind. Wie bekomme ich es nun weg?? Bin momentan arbeiten un kann erst morgen früh mit Pech erst Freitag etwas Posten ... Danke und Gruß So, ich hab mal schnell vorm schlafen gehen OTL durchlaufen lassen ...OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.07.2012 06:52:29 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,80 Gb Available Physical Memory | 72,62% Memory free 15,96 Gb Paging File | 13,61 Gb Available in Paging File | 85,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,70 Gb Total Space | 9,77 Gb Free Space | 16,36% Space Free | Partition Type: NTFS Drive D: | 390,97 Gb Total Space | 302,32 Gb Free Space | 77,33% Space Free | Partition Type: NTFS Drive E: | 596,17 Gb Total Space | 293,26 Gb Free Space | 49,19% Space Free | Partition Type: NTFS Computer Name: SIR_KITTY | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Marthell Schiller\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia) PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia) PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) PRC - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia) SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) SRV - (AdobeActiveFileMonitor8.0) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marthell Schiller\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marthell Schiller\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.21 23:51:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 14:14:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.25 19:49:32 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 14:14:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.25 19:49:32 | 000,000,000 | ---D | M] [2011.09.25 17:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2012.07.25 19:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\r8xijsa3.default\extensions [2012.01.06 01:58:32 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\r8xijsa3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.06.29 14:26:05 | 000,000,853 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r8xijsa3.default\searchplugins\11-suche.xml [2012.06.29 14:26:05 | 000,002,209 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r8xijsa3.default\searchplugins\englische-ergebnisse.xml [2012.06.29 14:26:05 | 000,010,506 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r8xijsa3.default\searchplugins\gmx-suche.xml [2012.06.29 14:26:05 | 000,002,368 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r8xijsa3.default\searchplugins\lastminute.xml [2012.06.29 14:26:05 | 000,005,489 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r8xijsa3.default\searchplugins\webde-suche.xml [2012.05.16 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.05.16 21:03:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.25 19:51:40 | 000,525,861 | ---- | M] () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R8XIJSA3.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2012.06.29 14:26:04 | 000,578,962 | ---- | M] () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R8XIJSA3.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI [2012.06.17 14:14:30 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.03.03 12:45:24 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.03 12:45:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.03.03 12:45:24 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.03.03 12:45:24 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.03 12:45:24 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.03 12:45:24 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Shockwave Flash (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\****\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Marthell Schiller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Instant File Name Search] C:\Program Files (x86)\Dateiesuche\App\ifns.exe () O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [Steam] D:\Steam (Games)\steam.exe (Valve Corporation) O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Marthell Schiller\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Marthell Schiller\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marthell Schiller\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA3282F3-E9E0-4A28-A1CD-104E4DB74E18}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{51d1741b-084b-11e1-a68b-1c7508d6c9de}\Shell - "" = AutoRun O33 - MountPoints2\{51d1741b-084b-11e1-a68b-1c7508d6c9de}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{8e14c4d1-0dde-11e1-99e8-1c7508d6c9de}\Shell - "" = AutoRun O33 - MountPoints2\{8e14c4d1-0dde-11e1-99e8-1c7508d6c9de}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\{ad84065c-e5a8-11e0-a04e-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ad84065c-e5a8-11e0-a04e-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\Diablo III Setup.exe" O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.26 06:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.07.26 06:49:40 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2012.07.25 19:53:17 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Secunia PSI [2012.07.25 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.07.25 19:49:32 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.25 19:49:12 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.07.25 19:49:12 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.07.25 19:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.25 19:46:00 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes [2012.07.25 19:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.25 19:45:47 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.25 19:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.25 19:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2012.07.11 12:57:19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.11 12:57:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.11 12:57:18 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.11 12:57:18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.11 12:57:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.11 12:57:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.11 12:57:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.11 12:57:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.11 12:57:17 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.11 12:57:17 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.11 12:57:17 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.11 12:57:17 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 12:57:16 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.11 11:30:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 11:30:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 11:30:01 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 11:29:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.11 11:29:32 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.08 10:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.07.08 10:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012.07.08 10:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012.06.28 12:09:39 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.06.27 13:54:32 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\w [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.26 06:55:40 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.26 06:55:30 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.26 06:55:30 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.26 06:50:09 | 000,001,168 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3617621715-2026822915-685455752-1001UA.job [2012.07.26 06:49:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2012.07.26 06:44:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.26 06:43:53 | 2133,217,279 | -HS- | M] () -- C:\hiberfil.sys [2012.07.25 19:47:48 | 000,001,081 | ---- | M] () -- C:\Users\****\Desktop\Secunia PSI.lnk [2012.07.25 19:47:21 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.25 19:45:18 | 000,001,118 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.07.25 19:34:36 | 004,503,728 | ---- | M] () -- C:\ProgramData\z7_0ytr.pad [2012.07.20 23:50:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3617621715-2026822915-685455752-1001Core.job [2012.07.11 21:53:45 | 000,312,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.07.05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.07.05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.27 01:43:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.06.27 01:43:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.26 06:55:40 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.25 19:47:48 | 000,001,081 | ---- | C] () -- C:\Users\****\Desktop\Secunia PSI.lnk [2012.07.25 19:45:48 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.25 19:45:18 | 000,001,118 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.07.25 19:45:18 | 000,001,081 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2012.07.25 18:23:32 | 004,503,728 | ---- | C] () -- C:\ProgramData\z7_0ytr.pad [2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.01.06 19:15:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.11.05 15:10:12 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll [2011.11.05 15:10:12 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini [2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011.09.26 08:48:28 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2011.09.26 08:19:01 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2011.09.25 17:34:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.09.25 17:07:18 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.03.02 20:51:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.02 20:35:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2010.12.07 16:46:03 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys < End of report > --------------------OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 26.07.2012 06:52:29 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,80 Gb Available Physical Memory | 72,62% Memory free 15,96 Gb Paging File | 13,61 Gb Available in Paging File | 85,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,70 Gb Total Space | 9,77 Gb Free Space | 16,36% Space Free | Partition Type: NTFS Drive D: | 390,97 Gb Total Space | 302,32 Gb Free Space | 77,33% Space Free | Partition Type: NTFS Drive E: | 596,17 Gb Total Space | 293,26 Gb Free Space | 49,19% Space Free | Partition Type: NTFS Computer Name: SIR_KITTY | User Name: Marthell Schiller | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\SysWow64\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\SysWow64\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12790843-7874-40B4-AB5D-F4C688C4A8C9}" = rport=137 | protocol=17 | dir=out | app=system | "{33573061-9B8F-4473-8413-A7DBC94A0942}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3A1A7E87-4F5F-42AD-8C0B-2FEF40275838}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4793D313-1F71-465F-A212-4A4F3B7A1745}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{4B7A3854-B133-4090-96EE-BF665508C71E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{55301C10-F217-4605-A1AF-82298229364D}" = lport=445 | protocol=6 | dir=in | app=system | "{57C4232F-57E4-485A-BB22-1ACF2B6D354C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{68F01B4F-313C-475A-9E6D-4215E8703011}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6E7DF454-AE48-4B85-9F8A-B6C193957A6F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7593DB02-A06D-4491-B37C-490A56296B76}" = rport=10243 | protocol=6 | dir=out | app=system | "{768F328D-D864-451A-9B4B-FC73AA3A1F16}" = rport=139 | protocol=6 | dir=out | app=system | "{76904722-9B08-4800-B81A-672201CDB473}" = lport=2869 | protocol=6 | dir=in | app=system | "{866D5A60-B530-4F00-B09C-5A2E502225B3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{9EFB961C-85FD-4A2F-9857-49CF0A1FD4FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9F4AA85A-72D6-4A27-9AFE-46BB187CF789}" = lport=139 | protocol=6 | dir=in | app=system | "{A92139E6-DDCA-4AC8-9A21-337E1C3A6F85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B5112FF8-44EF-477B-8A5F-DF36D888FE6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B87735A8-DB5C-4BCA-8534-20BB54D15B71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BAE27FAC-D133-430D-AFEE-5D5B8C8A2BFE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C0C19CE7-4171-4BFD-B759-1736C7F14A55}" = lport=137 | protocol=17 | dir=in | app=system | "{D6867225-0372-4F88-AED4-E69BB4ACFB31}" = rport=138 | protocol=17 | dir=out | app=system | "{D725A55C-7545-4AA9-A080-8967D1866111}" = lport=138 | protocol=17 | dir=in | app=system | "{EE445C88-A012-41FE-87CC-1F3CB4F4694A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F7D3366D-B132-430B-951C-AB27BD00659B}" = rport=445 | protocol=6 | dir=out | app=system | "{FB9A8BBF-277C-4DCE-ACAD-F65DF9508EDE}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00211A45-66C4-485B-81B1-D07F15ED9E73}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{033AE19E-B836-4938-97EB-56AACD1C2A75}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{084CB6C8-9F0E-4E74-BAF4-FBC5061F9367}" = protocol=17 | dir=in | app=c:\program files\opera next x64\pluginwrapper\opera_plugin_wrapper.exe | "{0C68B09B-5D09-4407-B2D4-06764267E0E6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{12959D3E-F29E-4346-90D2-07051EA7B3E8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{14B502E9-8294-4F2D-88C2-8744D7E35DD4}" = protocol=6 | dir=in | app=c:\program files\opera next x64\pluginwrapper\opera_plugin_wrapper.exe | "{17BF77D8-C637-4D3A-B973-8CA1BAF07DBB}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{1AFB73F5-B8E0-46F6-BB47-69DD34CBA4B1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{1B34F916-3E3E-43E6-8159-F59CD11D4828}" = protocol=17 | dir=in | app=c:\program files\opera next x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{22F5902D-A4EB-484A-8DFF-6815B4262945}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{242306E7-4FAD-432C-B95B-37473C3392AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{25567363-FA7B-4ECD-BC3A-35ECF11AF7F0}" = protocol=6 | dir=in | app=d:\steam (games)\steam.exe | "{259CA523-6E4B-4F8E-97DB-97867B32A13A}" = protocol=6 | dir=in | app=d:\online games\diablo iii beta\diablo iii.exe | "{28849D50-2D51-4EC6-95D1-D3BFD3D3B81B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{289DAC25-9296-46FD-A128-C7D1EFD7F768}" = protocol=6 | dir=in | app=d:\steam (games)\steamapps\common\rage\rage.exe | "{291FFFFF-EC3F-4D9A-B3E4-B9B8788BB475}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{31EB1A38-9BA2-45A0-80D2-F20D96F93DE0}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstar.exe | "{345CB328-CF7E-4666-B28C-D342B46DF6CF}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstar.exe | "{3A7E7F0A-381B-499F-A5B3-B433D244B2C2}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{3DA8D594-7A03-4E8E-A9F7-7CE3F4201373}" = protocol=17 | dir=in | app=d:\online games\diablo iii\diablo iii.exe | "{40743B54-FC6F-4BF0-ACA6-ED5F7AEF06E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{45027BC4-0130-42FF-BA25-487FDD1C2BFD}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{46EAFCB4-2D9F-48D1-9465-EE715C02B8A2}" = protocol=6 | dir=in | app=c:\program files\opera next x64\opera.exe | "{488B9B9F-AD92-4604-9541-48300D536336}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{4AA4CD3F-98D0-4838-8B9D-608BE64AECE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4B2F0046-F203-41C1-B923-B1E0D3374640}" = protocol=17 | dir=in | app=d:\steam (games)\steam.exe | "{4C4A42E2-B70B-4E4E-B06B-76647F7E07B8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{504C37FA-503D-498C-B4E1-18164C6D57D6}" = protocol=6 | dir=in | app=c:\program files\opera next x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{55AA62AA-FD49-43B9-855C-2A9172F552A8}" = protocol=6 | dir=in | app=d:\steam (games)\steamapps\common\rusty hearts\clientlauncher.exe | "{5D08A7D0-00CC-4D22-B8D6-082706AF7776}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{624D52DD-9801-40D1-92B2-48BF446347F2}" = protocol=17 | dir=in | app=c:\program files\opera next x64\opera.exe | "{6360719B-6693-4D75-9FE3-DCA67FE47C79}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{63D33849-035D-4417-848E-8EE790A75044}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{667FD851-107D-48F6-A867-5871E305D4A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{66A6CC7D-E317-4B3F-B4FD-C4D137CAB374}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{6D21D9A4-AD43-4F61-BB1E-B137C9F5F15B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6FFB230C-DE51-4080-8472-8E4B4E273976}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7119B577-C8BB-43B2-9436-7833BBF5D9BF}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{72E8EFF7-615F-441F-8D02-4960E7D69E62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7966F76B-F8A6-43C8-A2A4-25F13EEA17DB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{81DE81A6-A779-4985-A7B0-AADFCC399EF1}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{84DFEE87-376E-4020-8F08-E1F04DB1F0B3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{86F4239C-CBC2-4B8B-9798-C832EAB3D5DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{87F7D9FE-332E-4022-81EB-DFB4253FCE69}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{88EDB79A-7400-487F-B46A-954519E3BF26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{89E57294-9CFD-45F3-8D77-09CDE0D9ACF5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8CC3C4BE-6714-4F8F-B7C3-6B02A360CBF2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{928AB83F-4A7E-4DC3-80F3-F913475B87F0}" = protocol=6 | dir=in | app=d:\online games\diablo iii\diablo iii.exe | "{96065D83-75D4-481F-9740-E63E18E73EC3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{97105091-C97A-4E4C-A50D-4170F23ED466}" = protocol=17 | dir=in | app=d:\steam (games)\steamapps\common\rusty hearts\clientlauncher.exe | "{97A97F33-7AD7-453B-BBC3-405191FC5EC8}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{9CE868D1-1AB3-4005-95F6-940F8C249E9A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{9E1DA9F4-7F5D-4E53-A8B5-8601C921B991}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | "{A36A10BB-684D-42AA-B7F4-A4BF73EE0076}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{A6FCE71F-8843-4BEA-A476-14D177844CD6}" = dir=in | app=c:\program files (x86)\cyberlink\homemedia\homemedia.exe | "{B3F7A04E-BAF2-476F-8560-5A7174D57D7F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B5955F51-51D5-46F7-BBA5-684D460AD4F8}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{B6A56099-4814-4D26-B3F6-3799262C92EF}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcherloader.exe | "{CBCBE18D-41CC-4366-AB25-8BCBC242216B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{CC479D7A-7C7C-492F-A94D-AE530376A74F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CCAAB317-B6C0-4051-B34E-0B0682A1CAF5}" = protocol=17 | dir=in | app=d:\online games\golfstar\golfstar.exe | "{D0761D19-EDB9-482B-9730-827C3671EB10}" = protocol=17 | dir=in | app=d:\steam (games)\steamapps\common\rage\rage.exe | "{D14E4488-5A07-4315-B2DA-9F677F146727}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D2DB3702-C022-4A09-A323-47C3623896F8}" = protocol=17 | dir=in | app=d:\online games\diablo iii beta\diablo iii.exe | "{D360150E-95BB-4381-A94A-752C07C9E1B7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DA8DAFBE-F236-4D5B-A4D1-EFEC8723CE1B}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstarpatcher.exe | "{DB2E1C5C-3F0C-43DF-BA4E-AD075C9649F0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DCD1C1BA-2665-443E-A653-8AEBE90C5C00}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EDB7F7BA-66B6-4356-B229-716D27DCF83B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F0ACCE4C-EB8B-4899-B3F1-4AC328817015}" = protocol=6 | dir=in | app=d:\online games\golfstar\golfstar.exe | "{FF4BA294-368E-4F86-91B9-42CFDCCAA319}" = protocol=6 | dir=out | app=system | "TCP Query User{03957DCA-A213-4C74-BCE7-DDC440F67AC0}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "TCP Query User{053294A6-42FA-4CC4-A328-021C8B9C6798}E:\games\q3a\quake3.exe" = protocol=6 | dir=in | app=e:\games\q3a\quake3.exe | "TCP Query User{070990DB-8831-4EC7-A3B4-D6BD8818BF39}D:\online games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\online games\world_of_tanks\wotlauncher.exe | "TCP Query User{3172BDD8-AAE0-49FF-A17D-E5831715DD39}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "TCP Query User{8290C9F1-226B-43C6-898C-516FE9AF7C1D}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "TCP Query User{A7A3CA4F-11A7-44E2-A895-A7776D141E1F}D:\online games\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=d:\online games\diablo iii\diablo iii.exe | "TCP Query User{C1550033-79A8-44BD-A7DA-6DB9B6B5D4BE}E:\games\medal of honor - reloaded\binaries\moh.exe" = protocol=6 | dir=in | app=e:\games\medal of honor - reloaded\binaries\moh.exe | "TCP Query User{F662F23B-7EE9-45B4-A5AB-44173795FCC9}D:\online games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\online games\world_of_tanks\worldoftanks.exe | "UDP Query User{8D7B69F1-B3E3-4049-8712-6A99C73BF70C}D:\online games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\online games\world_of_tanks\worldoftanks.exe | "UDP Query User{99C63D99-9066-4005-990B-25519B43BE87}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "UDP Query User{A5641CC9-DA3A-454E-80BD-5F2832F581C0}D:\online games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\online games\world_of_tanks\wotlauncher.exe | "UDP Query User{A8841741-D529-40C7-B0B3-06AA00102E0F}E:\games\medal of honor - reloaded\binaries\moh.exe" = protocol=17 | dir=in | app=e:\games\medal of honor - reloaded\binaries\moh.exe | "UDP Query User{C015688B-0C8A-432E-BB1B-71D5748D1A92}D:\online games\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=d:\online games\diablo iii\diablo iii.exe | "UDP Query User{D5D875A3-A468-4699-8F34-2117E5FFDBCA}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "UDP Query User{F1DC8A96-CEC2-4569-89AC-14D63F46CB75}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "UDP Query User{F9589E61-EED5-46BE-BAC5-BA6A85753CE1}E:\games\q3a\quake3.exe" = protocol=17 | dir=in | app=e:\games\q3a\quake3.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0CB2E2BC-A312-5821-C5C7-A295A1BEFD08}" = AMD Catalyst Install Manager "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{572788F2-0AB7-FA0E-6E91-B98044F4B7E6}" = AMD Media Foundation Decoders "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{85C76689-536B-4CD4-AD94-2F5D259C084B}" = Free Launch Bar 64-bit Edition "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EF15F75-3DA2-2167-CB03-D096BD1D96FE}" = AMD Accelerated Video Transcoding "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{AFDF093E-7308-E1AD-DF23-7BE1B0382CF7}" = AMD AVIVO64 Codecs "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 "{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DC0C2372-95DC-0BDF-D9F0-0183D60EDA7B}" = AMD Drag and Drop Transcoding "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "Opera 12.00.1387" = Opera Next 12.00 beta build 1387 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR 4.01 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "{03148a20-37c5-4966-a0af-13cf1040e10f}" = Nero 9 Essentials "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = Catalyst Control Center "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish "{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish "{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai "{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard "{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German "{5D58EACA-0317-4CFF-9E13-53CCD525DE32}" = Catalyst Control Center InstallProxy "{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch "{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}" = Cuttermaran 1.70 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese "{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech "{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian "{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}" = PC Connectivity Solution "{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian "{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EFCC79EC-7CC0-46D6-A3D1-015169B6C293}" = OpenOffice.org 3.1 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCDDB05A-1B35-453B-47B5-AD75809BBBF9}" = PX Profile Update "Adobe AIR" = Adobe AIR "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALDI NORD Bestellsoftware" = ALDI NORD Bestellsoftware 4.11.0 "Alien Breed 3: Descent_is1" = Alien Breed 3: Descent "Avira AntiVir Desktop" = Avira Free Antivirus "CS16 Full v32.1 Non-Steam" = CS16 Full v32.1 Non-Steam "Diablo III" = Diablo III "Diablo III Beta" = Diablo III Beta "DivX Setup" = DivX-Setup "FileZilla Client" = FileZilla Client 3.5.2 "FLV Player" = FLV Player 2.0 (build 25) "Fraps" = Fraps (remove only) "Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908 "Free Image Convert and Resize_is1" = Free Image Convert and Resize version 2.1.15.221 "Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.6.221 "Free Screen Video Recorder_is1" = Free Screen Video Recorder version 2.5.20.221 "Free Video Dub_is1" = Free Video Dub version 2.0.5.221 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.0.2.221 "Free Video to JPG Converter_is1" = Free Video to JPG Converter version 5.0.6.221 "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.6.221 "Free Video to Sony Phones Converter_is1" = Free Video to Sony Phones Converter version 5.0.6.221 "Free YouTube Download_is1" = Free YouTube Download version 3.1.22.319 "Free YouTube to DVD Converter_is1" = Free YouTube to DVD Converter version 3.0.9.221 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319 "Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.27.221 "Homefront_is1" = Homefront "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Basic) "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "NetObjects Fusion Essentials" = NetObjects Fusion Essentials "Packard Bell Game Console" = Packard Bell Game Console "Packard Bell Registration" = Packard Bell Registration "Packard Bell Screensaver" = Packard Bell ScreenSaver "Packard Bell Welcome Center" = Welcome Center "PotPlayer" = Daum PotPlayer 1.5.32007 "PowerISO" = PowerISO "Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.9 "Secunia PSI" = Secunia PSI (3.0.0.2004) "ShotOnline" = ShotOnline "Steam App 36630" = Rusty Hearts "Steam App 9200" = RAGE "UltraISO_is1" = UltraISO Premium V9.36 "VLC media player" = VLC media player 2.0.1 "WildTangent packardbell Master Uninstall" = Packard Bell Games "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "Wise Disk Cleaner_is1" = Wise Disk Cleaner 6.15 "Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.15 "WT088216" = Agatha Christie - Death on the Nile "WT088226" = Bejeweled 2 Deluxe "WT088228" = Build-a-lot 2 "WT088235" = Chuzzle Deluxe "WT088238" = Diner Dash 2 Restaurant Rescue "WT088260" = Farm Frenzy "WT088268" = Insaniquarium Deluxe "WT088269" = Jewel Quest Solitaire 2 "WT088283" = Plants vs. Zombies "WT088416" = FATE "WT088420" = Final Drive Nitro "WT088448" = John Deere Drive Green "WT088452" = Penguins! "WT088456" = Polar Bowler "WT088460" = Polar Golfer "WT088508" = Virtual Villagers 4 - The Tree of Life "WT088531" = Zuma's Revenge "XnView_is1" = XnView 1.99 "xp-AntiSpy" = xp-AntiSpy 3.96-8 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Episode 3" = Back to the Future The Game - Episode 3 "FoxTab PDF Converter" = FoxTab PDF Converter "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 01.07.2012 07:02:52 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa14 Startzeit der fehlerhaften Anwendung: 0x01cd577902d6f0bc Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 4d4bf302-c36c-11e1-a7d0-1c7508d6c9de Error - 01.07.2012 13:17:43 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa84 Startzeit der fehlerhaften Anwendung: 0x01cd57ad62ca7cdb Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: aab74d4d-c3a0-11e1-80da-1c7508d6c9de Error - 02.07.2012 04:59:56 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa60 Startzeit der fehlerhaften Anwendung: 0x01cd5830fddc9c5d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 4b2e39fc-c424-11e1-9fe7-1c7508d6c9de Error - 02.07.2012 09:37:24 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa1c Startzeit der fehlerhaften Anwendung: 0x01cd5857c4989182 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 0dbeebc7-c44b-11e1-bc36-1c7508d6c9de Error - 03.07.2012 00:54:24 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa48 Startzeit der fehlerhaften Anwendung: 0x01cd58d7dea91619 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 28a7fde4-c4cb-11e1-b06e-1c7508d6c9de Error - 04.07.2012 00:52:21 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa60 Startzeit der fehlerhaften Anwendung: 0x01cd59a0bf16e517 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 09ad1b67-c594-11e1-b1a6-1c7508d6c9de Error - 04.07.2012 10:00:16 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa40 Startzeit der fehlerhaften Anwendung: 0x01cd59ed49c3584c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 94820601-c5e0-11e1-935b-1c7508d6c9de Error - 05.07.2012 00:49:58 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa50 Startzeit der fehlerhaften Anwendung: 0x01cd5a699727b654 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: dea98820-c65c-11e1-9346-1c7508d6c9de Error - 05.07.2012 07:19:04 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa4c Startzeit der fehlerhaften Anwendung: 0x01cd5a9ff0a3b3b3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 3a17ef73-c693-11e1-aac8-1c7508d6c9de Error - 06.07.2012 10:34:43 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0x9f4 Startzeit der fehlerhaften Anwendung: 0x01cd5b847067c74c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: b9a41a88-c777-11e1-b926-1c7508d6c9de Error - 08.07.2012 04:07:49 | Computer Name = Sir_Kitty | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ifns.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e211319 Ausnahmecode: 0x0eedface Fehleroffset: 0x0000b9bc ID des fehlerhaften Prozesses: 0xa6c Startzeit der fehlerhaften Anwendung: 0x01cd5ce0b9e9f83e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Dateiesuche\app\ifns.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 01bde1bd-c8d4-11e1-a2b1-1c7508d6c9de [ System Events ] Error - 25.07.2012 13:37:05 | Computer Name = Sir_Kitty | Source = DCOM | ID = 10005 Description = Error - 25.07.2012 13:39:14 | Computer Name = Sir_Kitty | Source = Microsoft-Windows-Kernel-General | ID = 5 Description = Error - 25.07.2012 13:41:24 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error - 25.07.2012 13:41:24 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 25.07.2012 13:41:24 | Computer Name = Sir_Kitty | Source = DCOM | ID = 10005 Description = Error - 25.07.2012 13:43:33 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: %%126 Error - 25.07.2012 13:46:04 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: %%126 Error - 25.07.2012 13:46:26 | Computer Name = Sir_Kitty | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.131.548.0) Error - 26.07.2012 00:47:21 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht. Error - 26.07.2012 00:47:57 | Computer Name = Sir_Kitty | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: %%126 < End of report > Ach ja ... der Log von Maleware Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.07.25.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 **** :: SIR_KITTY [Administrator] 26.07.2012 07:15:43 mbam-log-2012-07-26 (07-15-43).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 190126 Laufzeit: 1 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
Themen zu gvu 2.07 Befall entfernen Windows 7. aber wie? |
7-zip, anderen, anti, arbeiten, battle.net, befall, diner dash, eingabe, entfernen, entfernen gvu, forum, freitag, gestartet, heute, install.exe, java, java update, kaspersky, launch, morgen, neuste, online games, packard bell, pando media booster, plug-in, posten, poweriso, problem, registry cleaner, rescue, safer networking, searchscopes, secunia psi, spybot, super, tan, update, usb 2.0, usb 3.0, version, virus, windows, wrapper, wscript.exe |