| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Click to Continue by CouponDropDown bekomm ich nicht wegWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.03.2013, 22:22
| #1 |
| |  Click to Continue by CouponDropDown bekomm ich nicht weg Hallo erstmal, ich werde wahnsinnig.. Ich bekomme oben genannten Anhang nicht weg. Ich hatte mich schon druch eine Anleitung gehangelt http://www.trojaner-board.de/132368-...entfernen.html und erst sah alles super aus aber dann.. Erscheint bei dem Wort Partnerschaft wieder der Link und dann ein flirtfairnet Angebot.. Könnt ihr mir helfen? Lieben Gruß Doreen |
|
29.03.2013, 23:44
| #2 |
| /// Malwareteam / Visitor  | Click to Continue by CouponDropDown bekomm ich nicht weg Hallo Doreen ich bin smeenk und ich werde versuchen dir mit deinem Problem zu helfen
__________________ Ich möchte gerne einige Logfiles von dir empfangen  Schritt 1 Bitte lade dir ZOEK auf deinen Desktop und starte es. Falls ihre virenscanner reklamiert kannst du das ignorieren, unsere tools werden öfter falsch angezeigt.
Schritt 2 Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
Bitte poste in deiner nächsten Antwort:
Bitte alles nach Möglichkeit hier in CODE-Tags posten  |
|
30.03.2013, 08:51
| #3 |
| | Click to Continue by CouponDropDown bekomm ich nicht weg Guten Morgen, vielen Dank schon mal, ich versuchs mal:
__________________Code:
ATTFilter Zoek.exe Version 4.0.0.2 Updated 28-03-2013
Tool run by Dori on 29.03.2013 at 23:57:12,04.
Microsoft Windows 7 Starter 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default
user.js not found
---- Lines ask.com removed from prefs.js ----
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
---- Lines ask.com modified from prefs.js ----
---- Lines Customized removed from prefs.js ----
---- Lines Customized modified from prefs.js ----
---- Lines yontoo removed from prefs.js ----
---- Lines yontoo modified from prefs.js ----
---- Lines Downloader.com removed from prefs.js ----
---- Lines Downloader.com modified from prefs.js ----
---- Lines imbooster removed from prefs.js ----
---- Lines imbooster modified from prefs.js ----
---- Lines Movie2KDownloader removed from prefs.js ----
---- Lines Movie2KDownloader modified from prefs.js ----
---- FireFox user.js and prefs.js backups ----
prefs__0007_.backup
==== Deleting Files \ Folders ======================
"C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi" deleted
"C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi" deleted
"C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi" deleted
"C:\Program Files\Common Files\DVDVideoSoft\bin" deleted
"C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default\jetpack" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default
- Xmarks - %ProfilePath%\extensions\foxmarks@kei.com
- ReminderFox - %ProfilePath%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default
05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U17
D4BD9F86123C87ECA570418B69326F99 - C:\windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2
47299371607DC2FB234444EEACB1639E - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash
E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
570A48F975661221A126FCFE3B38B7E1 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
B1BB8EDC9D83D8096EE873F04CEE600C - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
570A48F975661221A126FCFE3B38B7E1 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
A843FC35574ECFD9E7A41C5505A9921B - D:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Dori\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://asus.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://asus.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dori\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dori\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dori\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dori\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dori\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Dori\AppData\Local\Mozilla\Firefox\Profiles\e9gmcuzb.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Dori\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Dori\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
Code:
ATTFilter OTL logfile created on: 30.03.2013 08:27:27 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dori\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1014,18 Mb Total Physical Memory | 145,01 Mb Available Physical Memory | 14,30% Memory free 1,99 Gb Paging File | 0,91 Gb Available in Paging File | 45,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100,00 Gb Total Space | 60,03 Gb Free Space | 60,03% Space Free | Partition Type: NTFS Drive D: | 117,87 Gb Total Space | 114,49 Gb Free Space | 97,14% Space Free | Partition Type: NTFS Computer Name: DORI-PC | User Name: Dori | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.29 20:31:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dori\Desktop\OTL.exe PRC - [2013.03.13 14:09:03 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe PRC - [2013.03.07 15:29:07 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013.01.04 03:59:29 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () -- D:\Program Files\1&1 Surf-Stick\AssistantServices.exe PRC - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- D:\Program Files\1&1 Surf-Stick\UIExec.exe PRC - [2010.03.19 11:30:34 | 000,116,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe PRC - [2010.03.19 07:56:12 | 000,146,808 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe PRC - [2010.03.19 07:55:52 | 000,167,408 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe PRC - [2010.03.19 07:55:04 | 000,628,848 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.06.09 08:56:00 | 000,099,632 | ---- | M] () -- C:\Program Files\Stardock\MyColors\WBVista.exe PRC - [2009.06.09 08:55:58 | 000,230,704 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\MyColors\VistaSrv.exe PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ========== Modules (No Company Name) ========== MOD - [2013.03.21 13:35:10 | 012,433,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll MOD - [2013.03.21 13:34:33 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll MOD - [2013.03.21 13:34:12 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll MOD - [2013.03.21 13:33:53 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll MOD - [2013.03.21 13:33:34 | 007,974,400 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll MOD - [2013.03.21 13:33:14 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\612bad9f3a4f378c9c09cbb7460e3a93\Accessibility.ni.dll MOD - [2013.03.21 13:33:00 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll MOD - [2013.03.13 14:09:02 | 014,717,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll MOD - [2013.03.07 15:29:21 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- D:\Program Files\1&1 Surf-Stick\UIExec.exe MOD - [2010.09.02 12:08:00 | 000,118,784 | ---- | M] () -- C:\PROGRA~1\ASUS\ASUSWE~1\3084~1.161\ASUSWS~1.DLL ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV - [2013.03.19 21:12:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.13 14:09:03 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () [Auto | Running] -- D:\Program Files\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.08.19 02:35:56 | 000,219,136 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009.06.09 08:55:58 | 000,230,704 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds) SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service) SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwrchid.sys -- (btwrchid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwavdt.sys -- (btwavdt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio) DRV - [2013.03.20 14:07:08 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2013.03.20 14:07:08 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.08.19 12:02:42 | 000,032,872 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UUSB.sys -- (RTL2832UUSB) DRV - [2011.08.19 12:02:42 | 000,031,872 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID) DRV - [2011.08.19 12:02:41 | 000,188,392 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA) DRV - [2011.06.27 01:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2011.02.09 14:03:00 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2010.08.24 10:55:51 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009.10.29 18:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB) DRV - [2009.07.01 05:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2007.06.24 21:56:54 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007.06.24 21:56:34 | 000,034,312 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT) DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr) DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum) DRV - [2007.03.05 20:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2007.03.05 20:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm) DRV - [2006.11.10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\afc.sys -- (Afc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-1526168792-399095308-251973578-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.0.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dori\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.18 20:54:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.21 19:44:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.19 21:12:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.20 09:08:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.08.19 02:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dori\AppData\Roaming\mozilla\Extensions [2013.03.30 00:08:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dori\AppData\Roaming\mozilla\Firefox\Profiles\e9gmcuzb.default\extensions [2013.03.21 22:24:57 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Dori\AppData\Roaming\mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2012.10.02 18:47:12 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Dori\AppData\Roaming\mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\foxmarks@kei.com [2012.12.11 19:37:57 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Dori\AppData\Roaming\mozilla\firefox\profiles\e9gmcuzb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.02.14 10:50:58 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Dori\AppData\Roaming\mozilla\firefox\profiles\e9gmcuzb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.03.21 19:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [UIExec] D:\Program Files\1&1 Surf-Stick\UIExec.exe () O4 - HKU\S-1-5-21-1526168792-399095308-251973578-1000..\Run: [EPSON Stylus D92 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-1526168792-399095308-251973578-1000..\Run: [Facebook Update] C:\Users\Dori\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1526168792-399095308-251973578-1000..\Run: [Yontoo Desktop] "C:\Users\Dori\AppData\Roaming\Yontoo\YontooDesktop.exe" File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dori\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.17.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33EEBC20-062D-4EAD-BE92-F6AABD2C703F}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{8b35b5aa-d00d-11e0-858d-bcaec53fd230}\Shell - "" = AutoRun O33 - MountPoints2\{8b35b5aa-d00d-11e0-858d-bcaec53fd230}\Shell\AutoRun\command - "" = E:\AUTOSTARTER.EXE O33 - MountPoints2\{be5cec81-5364-11e2-8d94-001167d3792b}\Shell - "" = AutoRun O33 - MountPoints2\{be5cec81-5364-11e2-8d94-001167d3792b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2030.01.02 06:15:06 | 000,000,000 | -HSD | C] -- C:\Boot [2013.03.30 08:23:29 | 000,000,000 | ---D | C] -- C:\Users\Dori\AppData\Local\{B83A5BFA-EDBD-4897-964D-86847B36F57A} [2013.03.30 00:18:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.30 00:12:13 | 000,000,000 | ---D | C] -- C:\windows\Temp [2013.03.30 00:12:13 | 000,000,000 | ---D | C] -- C:\Users\Dori\AppData\Local\Temp [2013.03.29 20:31:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dori\Desktop\OTL.exe [2013.03.29 20:16:06 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013.03.29 20:15:54 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.29 20:13:04 | 000,550,069 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Dori\Desktop\JRT.exe [2013.03.28 20:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.03.22 18:14:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll [2013.03.22 18:14:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe [2013.03.22 18:14:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2013.03.22 18:14:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2013.03.22 18:14:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll [2013.03.22 18:14:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll [2013.03.22 18:14:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll [2013.03.22 18:14:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2013.03.22 18:14:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe [2013.03.22 18:14:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll [2013.03.22 18:14:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2013.03.22 18:14:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2013.03.22 18:14:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2013.03.22 18:14:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll [2013.03.22 18:14:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll [2013.03.22 18:14:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat [2013.03.22 18:14:03 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll [2013.03.22 18:14:03 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2013.03.22 18:14:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2013.03.22 18:14:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2013.03.22 18:14:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2013.03.22 18:14:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2013.03.22 18:14:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2013.03.22 18:14:02 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2013.03.22 18:14:02 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2013.03.22 18:14:02 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2013.03.22 18:14:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll [2013.03.22 18:14:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll [2013.03.22 18:14:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe [2013.03.22 18:14:02 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe [2013.03.22 18:14:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2013.03.22 18:14:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2013.03.22 18:14:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\admparse.dll [2013.03.22 18:14:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll [2013.03.22 18:14:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll [2013.03.22 18:14:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll [2013.03.22 18:14:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2013.03.22 18:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.03.22 17:55:59 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe [2013.03.22 17:55:20 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe [2013.03.22 17:55:20 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe [2013.03.22 17:55:20 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll [2013.03.21 20:10:26 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview [2013.03.21 12:10:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys [2013.03.21 10:27:19 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2013.03.21 10:27:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2013.03.21 10:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.03.21 10:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2013.03.21 10:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow [2013.03.21 09:39:44 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys [2013.03.21 09:39:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wdfres.dll [2013.03.21 09:37:49 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll [2013.03.21 09:37:43 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll [2013.03.21 09:37:41 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll [2013.03.21 09:19:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\synceng.dll [2013.03.21 09:19:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs [2013.03.21 09:19:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs [2013.03.21 09:19:41 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs [2013.03.21 09:19:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs [2013.03.21 09:19:40 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs [2013.03.21 09:19:40 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs [2013.03.21 09:19:39 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs [2013.03.21 09:19:39 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs [2013.03.21 09:19:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs [2013.03.21 09:19:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs [2013.03.21 09:19:36 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll [2013.03.21 09:19:34 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll [2013.03.21 09:19:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs [2013.03.21 09:19:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs [2013.03.21 09:19:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs [2013.03.21 09:19:29 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs [2013.03.21 09:15:44 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnet.dll [2013.03.21 09:15:29 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2013.03.21 09:15:28 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2013.03.21 09:15:13 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll [2013.03.21 09:15:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll [2013.03.21 09:15:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe [2013.03.21 09:15:08 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2013.03.21 09:15:02 | 000,187,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS [2013.03.21 09:14:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll [2013.03.21 09:14:48 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll [2013.03.21 09:14:45 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll [2013.03.21 09:13:28 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll [2013.03.21 09:13:18 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2013.03.21 09:13:17 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll [2013.03.21 09:13:16 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll [2013.03.21 09:13:15 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll [2013.03.21 09:13:14 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2013.03.21 08:42:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll [2013.03.21 08:40:03 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll [2013.03.21 08:40:01 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe [2013.03.21 08:40:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.03.21 08:39:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.03.21 08:39:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.03.21 08:39:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.03.21 08:39:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.03.21 08:39:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.03.21 08:39:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.03.21 08:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.03.21 08:39:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.03.21 08:39:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.03.21 08:39:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.03.21 08:39:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.03.21 08:39:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.03.21 08:39:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.03.21 08:39:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.03.21 08:39:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.03.21 08:39:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.03.21 08:39:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.03.21 08:39:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.03.21 08:39:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.03.21 08:39:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.03.21 08:39:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.03.21 08:39:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.03.21 08:39:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.03.21 08:39:42 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.03.21 08:39:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.03.21 08:39:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.03.21 08:39:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.03.20 14:11:27 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_8.dll [2013.03.20 14:11:27 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_2.dll [2013.03.20 14:11:26 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_34.dll [2013.03.20 14:11:26 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_34.dll [2013.03.20 14:11:25 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_34.dll [2013.03.20 14:11:25 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_3.dll [2013.03.20 14:11:24 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_7.dll [2013.03.20 14:11:23 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_33.dll [2013.03.20 14:11:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_33.dll [2013.03.20 14:11:22 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_33.dll [2013.03.20 14:11:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_6.dll [2013.03.20 14:11:21 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_5.dll [2013.03.20 14:11:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10.dll [2013.03.20 14:11:18 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_4.dll [2013.03.20 14:11:18 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_1.dll [2013.03.20 14:11:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll [2013.03.20 14:11:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_3.dll [2013.03.20 14:11:15 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_2.dll [2013.03.20 14:11:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_2.dll [2013.03.20 14:11:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_1.dll [2013.03.20 14:11:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_1.dll [2013.03.20 14:10:42 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_30.dll [2013.03.20 14:10:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_0.dll [2013.03.20 14:10:39 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_0.dll [2013.03.20 14:10:38 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_29.dll [2013.03.20 14:10:37 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_28.dll [2013.03.20 14:10:35 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_27.dll [2013.03.20 14:10:33 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_26.dll [2013.03.20 14:10:31 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_25.dll [2013.03.20 14:10:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_24.dll [2013.03.20 13:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2013.03.19 21:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox ========== Files - Modified Within 30 Days ========== [2013.03.30 08:18:26 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.30 08:18:26 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013.03.30 08:18:24 | 000,001,134 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1526168792-399095308-251973578-1000UA.job [2013.03.30 08:18:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.03.30 00:24:11 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.30 00:24:11 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.30 00:16:29 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.30 00:16:07 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys [2013.03.29 23:56:45 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe [2013.03.29 23:56:24 | 001,264,814 | ---- | M] () -- C:\Users\Dori\Desktop\zoek.exe [2013.03.29 20:31:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dori\Desktop\OTL.exe [2013.03.29 20:13:06 | 000,550,069 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Dori\Desktop\JRT.exe [2013.03.29 19:11:14 | 000,609,993 | ---- | M] () -- C:\Users\Dori\Desktop\adwcleaner.exe [2013.03.29 10:21:02 | 000,001,112 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1526168792-399095308-251973578-1000Core.job [2013.03.28 20:18:20 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.26 16:39:31 | 000,654,166 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013.03.26 16:39:31 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013.03.26 16:39:31 | 000,130,006 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013.03.26 16:39:31 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013.03.22 18:14:06 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll [2013.03.22 18:14:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe [2013.03.22 18:14:06 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2013.03.22 18:14:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2013.03.22 18:14:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll [2013.03.22 18:14:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll [2013.03.22 18:14:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll [2013.03.22 18:14:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2013.03.22 18:14:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe [2013.03.22 18:14:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll [2013.03.22 18:14:05 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2013.03.22 18:14:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2013.03.22 18:14:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec [2013.03.22 18:14:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll [2013.03.22 18:14:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll [2013.03.22 18:14:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat [2013.03.22 18:14:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2013.03.22 18:14:03 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll [2013.03.22 18:14:03 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2013.03.22 18:14:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll [2013.03.22 18:14:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2013.03.22 18:14:03 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2013.03.22 18:14:03 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf [2013.03.22 18:14:03 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2013.03.22 18:14:02 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2013.03.22 18:14:02 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2013.03.22 18:14:02 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2013.03.22 18:14:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll [2013.03.22 18:14:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll [2013.03.22 18:14:02 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe [2013.03.22 18:14:02 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe [2013.03.22 18:14:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2013.03.22 18:14:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2013.03.22 18:14:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\admparse.dll [2013.03.22 18:14:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll [2013.03.22 18:14:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll [2013.03.22 18:14:02 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll [2013.03.22 18:14:02 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2013.03.22 18:06:27 | 000,000,743 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.03.22 18:03:24 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2013.03.22 18:03:24 | 000,000,683 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk [2013.03.22 17:54:54 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll [2013.03.22 17:54:45 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe [2013.03.22 17:54:45 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe [2013.03.22 17:54:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe [2013.03.22 17:54:41 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll [2013.03.22 17:54:41 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll [2013.03.21 19:44:20 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.21 11:10:11 | 000,000,862 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog [2013.03.21 10:52:34 | 000,289,672 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2013.03.21 09:58:44 | 000,000,800 | ---- | M] () -- C:\Users\Dori\Desktop\HDVidCodec.lnk [2013.03.20 14:08:22 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\Geheimakte Tunguska.lnk [2013.03.20 14:07:08 | 000,083,872 | ---- | M] () -- C:\windows\System32\drivers\atksgt.sys [2013.03.20 14:07:08 | 000,025,888 | ---- | M] () -- C:\windows\System32\drivers\lirsgt.sys [2013.03.18 20:54:39 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt [2013.03.13 14:09:03 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2013.03.13 14:09:03 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\windows\System32\drivers\aswVmm.sys [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\windows\System32\drivers\aswRvrt.sys [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys [2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe ========== Files Created - No Company Name ========== [2030.01.02 06:15:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2013.03.30 00:12:14 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe [2013.03.29 19:10:55 | 000,609,993 | ---- | C] () -- C:\Users\Dori\Desktop\adwcleaner.exe [2013.03.28 20:18:20 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.22 18:14:03 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf [2013.03.22 18:06:27 | 000,000,743 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.03.22 18:03:24 | 000,000,775 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2013.03.22 18:03:24 | 000,000,683 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk [2013.03.21 10:42:34 | 000,000,862 | ---- | C] () -- C:\windows\System32\InstallUtil.InstallLog [2013.03.21 10:04:36 | 000,079,360 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2013.03.21 09:58:44 | 000,000,800 | ---- | C] () -- C:\Users\Dori\Desktop\HDVidCodec.lnk [2013.03.21 09:39:53 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.03.21 09:37:41 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.03.20 14:08:22 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\Geheimakte Tunguska.lnk [2013.03.20 14:02:47 | 000,083,872 | ---- | C] () -- C:\windows\System32\drivers\atksgt.sys [2013.03.20 14:02:45 | 000,025,888 | ---- | C] () -- C:\windows\System32\drivers\lirsgt.sys [2013.03.19 00:00:10 | 001,264,814 | ---- | C] () -- C:\Users\Dori\Desktop\zoek.exe [2013.03.18 20:54:40 | 000,164,736 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys [2013.03.18 20:54:39 | 000,049,248 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys [2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll [2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll [2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll [2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll [2011.09.12 08:05:25 | 000,006,656 | ---- | C] () -- C:\Users\Dori\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.08.28 08:37:43 | 000,000,395 | ---- | C] () -- C:\windows\MAXLINK.INI [2011.08.26 19:15:30 | 000,000,266 | ---- | C] () -- C:\windows\lgfwup.ini [2011.08.19 12:47:58 | 005,775,429 | ---- | C] ( ) -- C:\windows\System32\RTKISDBT.dll [2011.08.19 01:26:34 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2011.08.19 01:26:07 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini [2011.08.19 01:20:16 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2011.08.19 01:20:16 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2010.12.18 02:27:08 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2012.11.09 23:09:20 | 000,000,596 | ---- | M] () -- C:\Users\Dori\AppData\Roaming\Mozilla\Firefox\Profiles\e9gmcuzb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.03.2013 08:27:27 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dori\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,18 Mb Total Physical Memory | 145,01 Mb Available Physical Memory | 14,30% Memory free
1,99 Gb Paging File | 0,91 Gb Available in Paging File | 45,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 60,03 Gb Free Space | 60,03% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 114,49 Gb Free Space | 97,14% Space Free | Partition Type: NTFS
Computer Name: DORI-PC | User Name: Dori | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "D:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7EFA847C-DB9E-439E-82BE-26BCDB6BEEE2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{96E0EB28-D673-4788-8721-A1C11800EF24}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05DC2B33-D260-4D57-8686-54446A75FEE6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{078C9B2E-32C2-4192-AA2A-B422BEA79398}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1B81681C-F91C-4BC5-A03C-4708F86AA89D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{219AF7D1-FFCC-409B-8E44-3047742A0D55}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2F78368F-8E6D-4F8E-965F-D52846DC8828}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{348CE1AD-7077-4E41-A590-B14960725F88}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3C4D834A-20FC-468F-A26D-E0B58B67BF8C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{49D337BF-6091-43B5-8E3E-CA128A0550F1}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{61A4F869-0580-4AA7-A185-20281D3C1886}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{69DEBF16-121C-4917-81E7-DC27D0684C33}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe |
"{70724D7D-AF11-4AD0-B900-95F2BB72FEB4}" = dir=in | app=c:\users\dori\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7BE6B8A4-96FE-4782-8D49-C3E445BD713D}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe |
"{89966636-D641-4AD4-A69B-7742F22F72DF}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{8D35CE92-0F4D-44EA-9128-3A3A152FCEEA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8FA50EF5-7D2E-460B-ACA0-73D86ADC7EAF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{910906FF-B42F-4C86-9C0D-47C4CB561466}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9ED8B94A-4060-4950-A17B-B10C9296B867}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B5B27FAA-B953-48F5-8B81-E3AAE16B81B7}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{D3634DF4-5369-4C81-A6F4-3263A3177A11}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ED5E81A9-7AE1-4390-8895-AEBE0ECF25C0}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{F606BE78-1E2D-4C38-B63E-845F2FD96882}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{F6E4B323-9AF7-4905-9B60-B4417B22F667}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"TCP Query User{B01A9FB7-2A42-4E73-A3E5-116A88D3C5D6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{B06FACAA-4BF4-46CA-80E9-D078127E5002}C:\program files\secondlifeviewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer\slvoice.exe |
"UDP Query User{037B9D4B-D507-401F-A8F7-B987F9AC654F}C:\program files\secondlifeviewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer\slvoice.exe |
"UDP Query User{5CE212F8-C56C-4D3D-9C02-CCE28D2598F1}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B11379A-9196-4228-981A-BB255E13109E}" = Autostart-Manager 2006
"{3B416FDA-CB3E-4514-9616-763E5B0D1140}" = Geheimakte Tunguska
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{47AB8413-346A-4745-BC24-8520877313C1}" = Windows Live Family Safety
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1EDAFC-B0EB-465F-886C-24FAC1BED2AC}" = Windows Live Remote Client Resources
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5C46518A-F797-4973-A257-F3F60F2FC61E}" = LogonStudio
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6F7614CC-F33A-4877-8814-49856F441F3C}" = Stardock MyColors
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources
"{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}" = Boingo Wi-Fi
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}" = Bluesoleil2.7.0.13 VoIP Release 071227
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C05B2CC-68D0-4B46-A9C8-40CC4BF10C33}" = Windows Live Family Safety
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AC0628FF-532F-4800-91EC-40903B04682F}" = Windows Live Remote Service Resources
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDECEFE0-5669-4AC2-9EFC-DADE420556F5}" = ScanSoft OmniPage 16
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}" = ebi.BookReader3J
"{F454FCC0-06AF-482C-AEBA-D2210449C0EE}_is1" = aOUTo Version 1.21
"{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}" = LocaleMe
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"BSW" = BrettspielWelt
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Eee Docking_is1" = Eee Docking 3.8.1
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Stardock MyColors" = Stardock MyColors
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1526168792-399095308-251973578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.03.2013 16:50:29 | Computer Name = Dori-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 29.03.2013 16:52:41 | Computer Name = Dori-PC | Source = DCOM | ID = 10010
Description =
Error - 29.03.2013 19:16:33 | Computer Name = Dori-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
< End of report >
|
|
30.03.2013, 09:13
| #4 |
| /// Malwareteam / Visitor | Click to Continue by CouponDropDown bekomm ich nicht weg Nach meine Meinung sieht es gut aus  Noch Probleme mit CouponDropDown? Wenn nicht, dann ... Scan mit SecurityCheck Downloade Dir bitte SecurityCheck |
|
30.03.2013, 16:34
| #5 |
| | Click to Continue by CouponDropDown bekomm ich nicht weg Vielen Dank für deine Hilfe, so hier der Log: Code:
ATTFilter Results of screen317's Security Check version 0.99.59
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Trend Micro Titanium
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java(TM) 6 Update 26
Java(TM) 6 Update 22
Java 7 Update 17
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader XI
Mozilla Firefox (19.0.2)
Mozilla Thunderbird (6.0). Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro AMSP AMSP_LogServer.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk UIWatchDog.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
30.03.2013, 17:23
| #6 |
| /// Malwareteam / Visitor | Click to Continue by CouponDropDown bekomm ich nicht weg Deine Windows ist nicht ganz aktuell. Du hast nicht Service Pack 1 für Windows 7 installiert Bitte hier lesen: Windows Update - Microsoft Windows Auch deine ThunderBird braucht eine update: Thunderbird Mail DE/wiki/Hauptseite Du hast noch ältere Versionen von Java auf Deinen PC: JavaFX 2.1.1 Java(TM) 6 Update 26 Java(TM) 6 Update 22 Die kannst du deinstallieren. Wie deinstalliere ich Programme bei Windows-7? wenn du dies durchgeführt hast, scan erneut mit SecurityCheck und Poste den Inhalt bitte hier |
|
31.03.2013, 12:49
| #7 |
| | Click to Continue by CouponDropDown bekomm ich nicht weg Ok, ich mach mich mal ans Löschen Thunderbird benutze ich gar nicht mehr Und das Servicepack bekomm ich nicht installiert habe ich schon zigmal versucht.. Frohe Ostern So, nach vielen Kämpfen.. Code:
ATTFilter Results of screen317's Security Check version 0.99.59
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Trend Micro Titanium
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 17
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader XI
Mozilla Firefox (19.0.2)
Mozilla Thunderbird (17.0.4)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro AMSP AMSP_LogServer.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk UIWatchDog.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
02.04.2013, 21:47
| #8 |
| /// Malwareteam / Visitor | Click to Continue by CouponDropDown bekomm ich nicht weg Ich entschuldige mich für die Verspätung, ich war sehr beschäftigt in den letzten Tagen  Welche Updates bekommst Du noch angeboten, wenn Du auf Windows Update gehst? Gibt es einige Fehlermeldungen? Schon mal ein direkte download versucht? http://www.microsoft.com/de-de/downl...s.aspx?id=5842 Wahle windows6.1-KB976932-X86.exe steht ganz unten. Geändert von smeenk (02.04.2013 um 22:04 Uhr) |
|
| Themen zu Click to Continue by CouponDropDown bekomm ich nicht weg |
| .html, anhang, anleitung, click, continue, coupondropdown, leitung, link, partnerschaft, super |
Linear-Darstellung
