
Log analysis and evaluation: Avira Antivir finds JAVA/Agent.LP, EXP/JAVA.Ternub.Gen and EXP/CVE-2012-0507.AR

20.01.2013, 02:49   #1
Reizstrom
 



Hello dear TB team,

I have caught the following 3 viruses: JAVA/Agent.LP, EXP/JAVA.Ternub.Gen and EXP/CVE-2012-0507.AR
Windows no longer works in normal mode. The desktop shows a screen similar to the one from that encryption trojan, where you are told to pay money. Task Manager closes again immediately, and apart from that I cannot do anything else. I ran a scan in Safe Mode (as described in similar threads) with AdwCleaner and OTL. I hope that is helpful and correct.
Many thanks in advance!

Regards

adwcleaner:

Code:
 # AdwCleaner v2.106 - Datei am 20/01/2013 um 00:46:59 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Querizz - QUERIZZ-PC
# Bootmodus : Abgesicherter Modus
# Ausgeführt unter : C:\Users\Querizz\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Querizz\AppData\Roaming\Mozilla\Firefox\Profiles\ldwle5zd.Reizness\searchplugins\11-suche.xml
Ordner Gelöscht : C:\Program Files\Winamp Toolbar
Ordner Gelöscht : C:\ProgramData\Winamp Toolbar
Ordner Gelöscht : C:\Users\Querizz\AppData\Local\Winamp Toolbar
Ordner Gelöscht : C:\Users\Querizz\AppData\Roaming\Mozilla\Firefox\Profiles\ldwle5zd.Reizness\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKCU\Software\Winamp Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Schlüssel Gelöscht : HKLM\Software\Winamp Toolbar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19393

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://toolbar.aol.com/browserpages/newtab-winamp-ie-en-us.html --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\Querizz\AppData\Roaming\Mozilla\Firefox\Profiles\ldwle5zd.Reizness\prefs.js

Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "24-8-2010");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Mon Aug 23 2010 23:51:47 GMT+0200");
Gelöscht : user_pref("CT2269050.FirstServerDate", "24-8-2010");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2269050.InstalledDate", "Mon Aug 23 2010 23:51:47 GMT+0200");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Aug 23 2010 23:51:52 GMT+0200");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Aug 23 2010 23:51:49 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "2.7.2.0");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.LoginCache", 4);
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Mon Aug 23 2010 23:51:50 GMT+0200");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Aug 23 2010 23:51:49 GMT+0200");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Mon Aug 23 2010 23:51:46 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1282122280");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Aug 23 2010 23:51:46 GMT+0200");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2269050.Uninstall", true);
Gelöscht : user_pref("CT2269050.UserID", "UN43767250370694891");
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Mon Aug 23 2010 23:51:51 GMT+0200");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.clientLogIsEnabled", false);
Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2438727.CTID", "CT2438727");
Gelöscht : user_pref("CT2438727.CurrentServerDate", "1-12-2010");
Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2438727.FirstServerDate", "11-11-2010");
Gelöscht : user_pref("CT2438727.FirstTime", true);
Gelöscht : user_pref("CT2438727.FirstTimeFF3", true);
Gelöscht : user_pref("CT2438727.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2438727.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2438727.Initialize", true);
Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2438727.InstalledDate", "Thu Nov 11 2010 01:00:58 GMT+0100");
Gelöscht : user_pref("CT2438727.IsGrouping", false);
Gelöscht : user_pref("CT2438727.IsMulticommunity", false);
Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2438727.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Tue Nov 30 2010 22:03:50 GMT+0100");
Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2438727.LastLogin_2.7.1.3", "Tue Nov 30 2010 22:03:48 GMT+0100");
Gelöscht : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Gelöscht : user_pref("CT2438727.Locale", "en");
Gelöscht : user_pref("CT2438727.LoginCache", 4);
Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Tue Nov 30 2010 21:31:57 GMT+0100");
Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Tue Nov 30 2010 21:31:57 GMT+0100");
Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1287517459");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Nov 11 2010 01:00:52 GMT+0100");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2438727.UserID", "UN52526885417487839");
Gelöscht : user_pref("CT2438727.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2438727.alertChannelId", "832836");
Gelöscht : user_pref("CT2438727.clientLogIsEnabled", false);
Gelöscht : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2438727.myStuffEnabled", true);
Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2438727");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,CT2438727");
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 720);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Nov 30 2010 21:31:57 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Nov 30 2010 21:31:57 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1283688156");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{de011303-204c-4d74-9fcb-0855077aaea1}");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Aug 23 2010 23:51:50 GMT+0200");

*************************

AdwCleaner[S1].txt - [16536 octets] - [20/01/2013 00:46:59]

########## EOF - C:\AdwCleaner[S1].txt - [16597 octets] ##########
         
otl:

Code:
 OTL logfile created on: 20.01.2013 00:53:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Querizz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 86,76% Memory free
10,23 Gb Paging File | 10,00 Gb Available in Paging File | 97,80% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 90,08 Gb Total Space | 5,24 Gb Free Space | 5,82% Space Free | Partition Type: NTFS
Drive D: | 208,01 Gb Total Space | 20,74 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive E: | 699,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: QUERIZZ-PC | User Name: Querizz | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Querizz\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files\avmwlanstick\WLanNetService.exe (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PID_0928) -- system32\DRIVERS\LV561AV.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (EIO) -- system32\DRIVERS\EIO.sys File not found
DRV - (cpuz130) -- C:\Users\Querizz\AppData\Local\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (atkdisplf) -- system32\drivers\ATKDispLowFilter.sys File not found
DRV - (asusgsb) -- system32\drivers\asusgsb.sys File not found
DRV - (amrhppkt) --  File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (LGII2CDevice) -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys ()
DRV - (LGDDCDevice) -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys ()
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (c65013264) -- C:\Windows\System32\drivers\c6501.sys (C-Media Inc)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project)
DRV - (lvmvdrv) -- C:\Windows\System32\drivers\LVMVdrv.sys ()
DRV - (LVPrcMon) -- C:\Windows\System32\drivers\LVPrcMon.sys ()
DRV - (Lvckap) -- C:\Windows\System32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 99 F1 28 97 57 E1 CD 01  [binary data]
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\..\SearchScopes\{63362555-FBBA-4E04-9A86-C8FC799D3D42}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49326;https=127.0.0.1:49326;
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.05 15:09:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.27 14:29:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{378AD136-6923-4357-A16D-63782F1DC3D9}: C:\Users\Querizz\AppData\Local\{378AD136-6923-4357-A16D-63782F1DC3D9} [2011.02.12 00:14:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.05 15:09:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.27 14:29:15 | 000,000,000 | ---D | M]
 
[2010.05.21 18:27:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Querizz\AppData\Roaming\mozilla\Extensions
[2012.12.12 13:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Querizz\AppData\Roaming\mozilla\Firefox\Profiles\ldwle5zd.Reizness\extensions
[2010.05.23 03:27:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Querizz\AppData\Roaming\mozilla\Firefox\Profiles\ldwle5zd.Reizness\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.10 16:48:10 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Querizz\AppData\Roaming\mozilla\Firefox\Profiles\ldwle5zd.Reizness\extensions\DeviceDetection@logitech.com
[2012.12.12 13:14:42 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Querizz\AppData\Roaming\mozilla\firefox\profiles\ldwle5zd.Reizness\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.11.23 19:31:08 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Querizz\AppData\Roaming\mozilla\firefox\profiles\ldwle5zd.Reizness\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.30 23:30:31 | 000,685,019 | ---- | M] () (No name found) -- C:\Users\Querizz\AppData\Roaming\mozilla\firefox\profiles\ldwle5zd.Reizness\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012.10.27 14:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.10.27 14:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.01.10 20:19:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013.01.10 20:19:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.10 20:19:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.12.05 15:09:04 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.18 13:03:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 21:48:48 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.18 13:03:09 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.18 13:03:09 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.18 13:03:09 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 13:03:09 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CamWizard] C:\Program Files\Common Files\Logitech\QCDRV\BIN\CamWizard.exe File not found
O4 - HKLM..\Run: [LVCOMSX] C:\Windows\System32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1648288272-387162003-2992708448-1000..\Run: [Steam] D:\Games\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1648288272-387162003-2992708448-1000..\Run: [svñhîst] C:\Users\Querizz\wgsdgsdgdsgsd.exe (Softspecialists)
O4 - HKU\S-1-5-21-1648288272-387162003-2992708448-1000..\RunOnce: [Report] C:\AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Querizz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Querizz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O7 - HKU\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Querizz\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Querizz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{776DD74C-FC77-458E-8A62-01D20DB2232B}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\Bilderz\FUSION 2012\IMG_1638.JPG
O24 - Desktop BackupWallPaper: D:\Bilderz\FUSION 2012\IMG_1638.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b526577-e0bb-11de-bc25-001a4f4871f3}\Shell - "" = AutoRun
O33 - MountPoints2\{1b526577-e0bb-11de-bc25-001a4f4871f3}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{2c012c03-152c-11de-af54-001d608f7aec}\Shell - "" = AutoRun
O33 - MountPoints2\{2c012c03-152c-11de-af54-001d608f7aec}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{6ca20237-3999-11df-a7f2-001a4f4871f3}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe DELL.vbs
O33 - MountPoints2\{748cd581-3489-11de-810d-001a4f4871f3}\Shell - "" = AutoRun
O33 - MountPoints2\{748cd581-3489-11de-810d-001a4f4871f3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{e0a38556-dc01-11de-8af8-001a4f4871f3}\Shell\AutoRun\command - "" = atjwfy.exe
O33 - MountPoints2\{e0a38556-dc01-11de-8af8-001a4f4871f3}\Shell\explore\Command - "" = atjwfy.exe
O33 - MountPoints2\{e0a38556-dc01-11de-8af8-001a4f4871f3}\Shell\open\Command - "" = atjwfy.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.20 00:41:27 | 000,000,000 | ---D | C] -- C:\Users\Querizz\Desktop\DESKTOP
[2013.01.20 00:40:56 | 000,895,904 | ---- | C] (Oracle Corporation) -- C:\Users\Querizz\Desktop\jxpiinstall.exe
[2013.01.20 00:40:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Querizz\Desktop\OTL.exe
[2013.01.11 08:04:17 | 000,032,256 | RHS- | C] (Softspecialists) -- C:\Users\Querizz\wgsdgsdgdsgsd.exe
[2013.01.09 14:52:14 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 14:51:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.12.21 03:01:07 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 03:01:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.20 00:52:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.20 00:49:22 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 00:49:22 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 00:39:32 | 000,670,676 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.20 00:39:32 | 000,631,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.20 00:39:32 | 000,144,214 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.20 00:39:32 | 000,118,368 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.19 19:56:40 | 000,001,356 | ---- | M] () -- C:\Users\Querizz\AppData\Local\d3d9caps.dat
[2013.01.19 18:13:34 | 000,895,904 | ---- | M] (Oracle Corporation) -- C:\Users\Querizz\Desktop\jxpiinstall.exe
[2013.01.19 18:13:26 | 013,462,931 | ---- | M] () -- C:\Users\Querizz\Desktop\mbar-1.01.0.1016.zip
[2013.01.19 18:11:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Querizz\Desktop\OTL.exe
[2013.01.19 18:11:24 | 000,574,677 | ---- | M] () -- C:\Users\Querizz\Desktop\adwcleaner.exe
[2013.01.11 08:04:17 | 000,032,256 | RHS- | M] (Softspecialists) -- C:\Users\Querizz\wgsdgsdgdsgsd.exe
[2013.01.09 18:15:09 | 001,721,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.29 04:56:26 | 000,000,953 | ---- | M] () -- C:\Users\Querizz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.23 00:04:06 | 000,007,168 | ---- | M] () -- C:\Users\Querizz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.21 19:47:18 | 217,136,483 | ---- | M] () -- C:\Windows\MEMORY.DMP
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.20 00:40:55 | 000,574,677 | ---- | C] () -- C:\Users\Querizz\Desktop\adwcleaner.exe
[2013.01.20 00:40:54 | 013,462,931 | ---- | C] () -- C:\Users\Querizz\Desktop\mbar-1.01.0.1016.zip
[2012.11.15 12:25:47 | 003,130,440 | ---- | C] () -- C:\Windows\System32\pbsvc_blr.exe
[2012.08.09 15:21:10 | 000,008,071 | ---- | C] () -- C:\Users\Querizz\Template o2.html
[2012.05.07 16:49:08 | 000,000,600 | ---- | C] () -- C:\Users\Querizz\AppData\Roaming\winscp.rnd
[2012.05.07 16:06:25 | 000,000,368 | ---- | C] () -- C:\Users\Querizz\index.html
[2012.03.28 09:14:24 | 000,007,168 | ---- | C] () -- C:\Users\Querizz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.28 08:17:33 | 000,001,356 | ---- | C] () -- C:\Users\Querizz\AppData\Local\d3d9caps.dat
[2012.02.20 16:16:39 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012.02.20 16:16:39 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.05.28 01:40:53 | 000,000,719 | R--- | C] () -- C:\Windows\System32\InstExec.ini
[2011.05.12 17:23:39 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.04.12 14:06:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.17 10:12:54 | 000,008,452 | ---- | C] () -- C:\Users\Querizz\AppData\Roaming\PStrip.bk!
[2009.10.08 14:45:20 | 000,009,650 | ---- | C] () -- C:\Users\Querizz\AppData\Roaming\PStrip.ini
[2009.09.27 15:29:31 | 000,000,387 | ---- | C] () -- C:\Users\Querizz\AppData\Roaming\de.bundesrat.f.games.xml
[2009.03.23 13:24:12 | 000,138,056 | ---- | C] () -- C:\Users\Querizz\AppData\Roaming\PnkBstrK.sys
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009.06.02 09:27:44 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Alarmstufe Rot 3 Der Aufstand
[2009.10.18 12:43:11 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Ashampoo
[2010.04.28 11:21:57 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Auslogics
[2012.01.14 16:39:40 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Canneverbe Limited
[2009.05.26 08:01:36 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Canon
[2009.07.14 14:53:39 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\DAEMON Tools Lite
[2009.07.14 14:28:57 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\DAEMON Tools Pro
[2011.10.17 20:12:39 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Day 1 Studios
[2009.03.21 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\DisplayTune
[2013.01.11 18:45:09 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Dropbox
[2011.12.28 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\DVDVideoSoft
[2011.04.22 12:45:10 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.06.15 20:43:18 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\GARMIN
[2010.08.24 13:20:05 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\GrabPro
[2010.11.26 22:58:05 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Leadertech
[2010.11.05 22:20:25 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Orbit
[2010.08.24 07:49:20 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\ProgSense
[2009.03.27 14:08:53 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Red Alert 3
[2012.03.26 19:22:11 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Samsung
[2009.03.31 13:29:07 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\SPORE
[2010.08.01 02:37:57 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Tropico 3
[2011.07.12 15:08:15 | 000,000,000 | ---D | M] -- C:\Users\Querizz\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         
extras:

Code:
 OTL Extras logfile created on: 20.01.2013 00:53:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Querizz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 86,76% Memory free
10,23 Gb Paging File | 10,00 Gb Available in Paging File | 97,80% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 90,08 Gb Total Space | 5,24 Gb Free Space | 5,82% Space Free | Partition Type: NTFS
Drive D: | 208,01 Gb Total Space | 20,74 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive E: | 699,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: QUERIZZ-PC | User Name: Querizz | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E75FDFF-F07E-4AE5-8C49-9E10F152C119}" = lport=67 | protocol=17 | dir=in | name=hamachi | 
"{11E3855B-6C63-4E84-8347-C95250824C75}" = lport=137 | protocol=17 | dir=in | app=system | 
"{1944F786-E0AD-4678-8BC1-0DEE46EA6CFB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{472DCCF4-133E-43E9-A4AC-E801DF3025F2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4C2432C4-359B-4CA3-97F3-BD9F3EEB4C29}" = lport=445 | protocol=6 | dir=in | app=system | 
"{67E3988A-CDDB-4C74-8B04-1C2214E2FCC7}" = rport=137 | protocol=17 | dir=out | app=system | 
"{7E9731B4-2A63-4983-B048-A75A77A92860}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{881A9A3F-C524-415E-8A0E-30AF67811B9F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{BD812C00-C822-426A-843B-8CBB63C3A4F6}" = lport=68 | protocol=17 | dir=in | name=hamachi | 
"{D5D8CE00-6C3E-4CF9-8DB7-C8663AE970A9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{D84C20ED-0831-4808-AD44-7F2C216C6584}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E0FED6B7-4DCA-4EE3-BDCE-D55F1496B083}" = rport=445 | protocol=6 | dir=out | app=system | 
"{EDDAE351-54DE-425F-B21A-10FF721473CC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{FFCBA2E6-01AC-45F9-8352-7235CDABC3B8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0564E5D4-8D01-4046-9B8E-AF1205686238}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{0D2529A1-0A19-4071-BDA6-1790D10CE3D2}" = protocol=6 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe | 
"{0F0EA197-28DB-4F75-8944-1D0A6D11D541}" = protocol=17 | dir=in | app=d:\games\ubisoft\far cry 2\bin\fc2editor.exe | 
"{12D3AD15-4DB9-4BD6-8706-58636B623158}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\metro 2033\metro2033.exe | 
"{18EE0440-F98E-4FC0-A00B-72A9BF9BEDB3}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | 
"{1B263300-643D-403B-A9FA-FA43C7720F19}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2059F681-ED17-42F2-8436-251AACEF47BB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe | 
"{2E02900F-17A4-459A-9081-5D7F00B48477}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{2E93B4E5-6D27-40FD-B11F-1622E7CC5551}" = protocol=17 | dir=in | app=d:\games\electronic arts\mass effect 2\binaries\masseffect2.exe | 
"{32DE3DB5-77F4-4B69-9EFA-EA7F42A9C55B}" = protocol=17 | dir=in | app=d:\games\steam\steam.exe | 
"{39FB0F29-FC2B-426A-BA0A-BB22ED5BD4D4}" = protocol=17 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe | 
"{3D9CF8B2-AFB4-41BA-AB28-E5DCC2EE0D1D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{3E93593B-DA67-4ED0-AD19-602721C1AA3C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{4187143D-6A26-47FB-8051-4146D3450753}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{42DADA32-52D8-40B0-87A5-20BE3C34326C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{459B1FDE-0F73-4A31-954D-E192B5BF278E}" = protocol=6 | dir=in | app=d:\games\ubisoft\far cry 2\bin\fc2editor.exe | 
"{45FDBE74-8FFC-45A2-865C-121CBB7DC3A4}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{46497780-CC72-4986-836A-D0D74E553974}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\metro 2033\metro2033.exe | 
"{4953B1B6-55DA-43E4-8741-35EF34850EE7}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe | 
"{56FDAF41-A6D8-496E-8034-DF4A2202A750}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe | 
"{581BD6AD-2A1C-47A1-9B89-10104AF20AE4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{5A55E0EE-37AB-4D78-B742-F110BF4EE1B1}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{69A85797-F973-4171-81D4-72ECF3776EFD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{6D3A622C-08A4-470C-9942-CE6F798D5B4C}" = protocol=17 | dir=in | app=c:\program files\logmein hamachi\hamachi-2-ui.exe | 
"{74F31D3E-7E9B-4606-AD23-8EED9893521E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{77A03AE7-34B3-4BE0-A7C7-2003E797851F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{790131C2-BA85-4E4B-878F-0404113822A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{86A77BEB-87C7-468D-9C78-4CC8D708A110}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{86B213B8-DB24-4F16-B88E-5C949DDC3DCF}" = protocol=17 | dir=in | app=d:\games\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{8732F56F-351A-4B7C-8B8B-F910A0127997}" = protocol=6 | dir=in | app=d:\games\electronic arts\mass effect 2\binaries\masseffect2.exe | 
"{8AE61E11-40CC-4D57-80CB-B234067C28A8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe | 
"{8CB54503-A012-41AA-A3CD-FE85E3D47C77}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8CB98243-D2AF-4CCE-BA26-9730A2BAE44F}" = protocol=6 | dir=in | app=d:\games\rockstar games\eflc\launcheflc.exe | 
"{8E6757C0-54E8-4DB3-A347-92FE828FEBF4}" = protocol=17 | dir=in | app=d:\games\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{97101454-E0D8-4E8C-855B-DC448193A7B5}" = protocol=6 | dir=in | app=d:\games\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{9D72221E-C3A2-4605-A32D-61EF536E53B9}" = protocol=6 | dir=in | app=d:\games\electronic arts\mass effect 2\masseffect2launcher.exe | 
"{AA7E2420-1DF1-48AF-A1A9-7EB5DFA95452}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\metro 2033\metro2033.exe | 
"{B5FC9198-4C85-4DF6-82A7-14E353F06BAE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{BA95BAE1-42F4-43C1-9E8C-CDAFB3DDE569}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | 
"{BF5FC550-FDBC-4F5B-A1FE-7BBD69A9C336}" = protocol=17 | dir=in | app=d:\games\rockstar games\eflc\launcheflc.exe | 
"{C17D1B9A-F6D3-4981-AD86-C840C88A1B2E}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\metro 2033\metro2033.exe | 
"{C54E6115-80AE-4612-AD1A-69DA60547777}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C65C2AE8-56B4-4792-8589-0A00C60CC068}" = protocol=17 | dir=in | app=d:\games\electronic arts\mass effect 2\masseffect2launcher.exe | 
"{CD899FE5-E6BF-4C41-8446-9444C802152B}" = protocol=6 | dir=in | app=d:\games\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{D0BD0D92-957E-42B0-AB28-DCEC3F057353}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{D23697E3-2837-42EE-82F7-5B868D405E5A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{D6576361-27F7-49E3-B602-0CEEAEC04753}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{D70FCA4A-EA8E-47FA-821E-D01E58B11FD1}" = protocol=6 | dir=in | app=c:\program files\logmein hamachi\hamachi-2-ui.exe | 
"{D7DA7212-4DB5-4AA1-822C-82F17869D721}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D7FBC8A0-7EC1-4109-8BCA-34743EC159BD}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{E282D684-B42C-45C5-A095-2F55623E1424}" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{ED20581A-1101-4EC7-A43D-540A03DF9AD4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{EF372EDF-5298-4393-B9A8-F30116FA0764}" = protocol=6 | dir=in | app=d:\games\steam\steam.exe | 
"{F3360CA3-EF73-4D24-A33F-2026942EC0FB}" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{F9C52284-7D72-425E-93D3-0237670F1EDB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{005738F3-CF80-4F2E-934A-3E89590C4A85}D:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{0288DC4B-7A86-43F3-87F1-F608FBD53494}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{0BF87AAE-7608-4E02-A4D4-3BF23E358241}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{37BE6384-13F8-4E61-BE8C-ED5AF8EB2542}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"TCP Query User{3EE5776E-5631-4749-9BAE-339AB9005E0E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{4531BDB9-B2AC-42CF-BBA4-0784D6542158}D:\games\left4dead\hl2.exe" = protocol=6 | dir=in | app=d:\games\left4dead\hl2.exe | 
"TCP Query User{4A7A678A-984D-4D41-B2C2-93D1FF992F84}D:\games\audiosurf\engine\questviewer.exe" = protocol=6 | dir=in | app=d:\games\audiosurf\engine\questviewer.exe | 
"TCP Query User{4AEE10D6-C71F-4F30-B3E3-D63328B1565D}D:\games\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\games\rockstar games\eflc\eflc.exe | 
"TCP Query User{4ED56147-5FF9-4146-BE7E-37BF8FBDC7B4}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"TCP Query User{5014EBDE-82F0-4820-851F-A3EB1388724F}D:\games\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\games\ea sports\fifa 11\game\fifa.exe | 
"TCP Query User{5CBF928C-B1E8-46FE-99CC-262DD883499B}D:\games\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=d:\games\activision\call of duty - world at war\codwaw.exe | 
"TCP Query User{6598E5C9-FA45-4094-91F1-7A10E4BEBE2E}D:\games\codemasters\dirt 3\dirt3_game.exe" = protocol=6 | dir=in | app=d:\games\codemasters\dirt 3\dirt3_game.exe | 
"TCP Query User{6C4F42C1-482F-4B9B-90DF-C936CDA9E3F3}D:\games\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\games\ea sports\fifa 11\game\fifa.exe | 
"TCP Query User{7E007AB4-29A0-47F9-A1E9-ED8CBD8A2041}D:\games\activision\singularity(tm)\binaries\singularity.exe" = protocol=6 | dir=in | app=d:\games\activision\singularity(tm)\binaries\singularity.exe | 
"TCP Query User{84CD93E4-1FD8-48A0-9B87-CB20C00274FB}D:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{892C059F-A120-476D-92EE-00766EBB7DE4}D:\games\left4dead\hl2.exe" = protocol=6 | dir=in | app=d:\games\left4dead\hl2.exe | 
"TCP Query User{8FE0D246-5E98-4842-8C48-E74BFE14E7AD}D:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=d:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game | 
"TCP Query User{99620146-5937-4364-9AEE-B3F95A13F0C4}D:\games\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\games\rockstar games\eflc\eflc.exe | 
"TCP Query User{A3471D28-FC05-4280-A8D2-AB147932E5CC}D:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=d:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game | 
"TCP Query User{A92F0E0F-7D68-449A-A819-9C72CD3E34DF}D:\games\team17\worms world party\wwp.exe" = protocol=6 | dir=in | app=d:\games\team17\worms world party\wwp.exe | 
"TCP Query User{B5A0616D-2712-4756-A924-353A43A99DD3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{C44D9BD7-1EB7-4A8C-85DA-BA6598A56618}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{CC5D165E-C7F9-4E38-8805-0DF4A7F9C204}D:\games\electronic arts\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\games\electronic arts\crysis 2\bin32\crysis2.exe | 
"TCP Query User{D447962F-F8DE-4FCE-B656-81607D2E4E32}C:\users\querizz\desktop\hero zero sidekick\herozerosidekick.exe" = protocol=6 | dir=in | app=c:\users\querizz\desktop\hero zero sidekick\herozerosidekick.exe | 
"TCP Query User{D86F5BA2-2413-4649-8D8E-B83795C548E4}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{E73B22EB-C302-44F6-AE34-41090E231641}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{EE1BD7DD-85C4-4748-BC14-EC782DED5266}D:\downloads\call of duty\blackops.exe" = protocol=6 | dir=in | app=d:\downloads\call of duty\blackops.exe | 
"UDP Query User{0501779F-9E30-4DAC-B517-EA8A7978B7B7}D:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"UDP Query User{0A6DFE8D-DB15-41DD-9BFF-583C50C45F61}D:\games\codemasters\dirt 3\dirt3_game.exe" = protocol=17 | dir=in | app=d:\games\codemasters\dirt 3\dirt3_game.exe | 
"UDP Query User{0DD0E993-DAB3-4DE2-B487-9DD75D64C5C1}C:\users\querizz\desktop\hero zero sidekick\herozerosidekick.exe" = protocol=17 | dir=in | app=c:\users\querizz\desktop\hero zero sidekick\herozerosidekick.exe | 
"UDP Query User{11114D27-7EF2-4AF8-90C8-5D21CE72B7BF}D:\games\left4dead\hl2.exe" = protocol=17 | dir=in | app=d:\games\left4dead\hl2.exe | 
"UDP Query User{19E66AAB-D35C-4C1C-83A0-F46B3A2C919B}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{1C11BAD7-BCD9-4168-BC58-D30CAEE9A66E}D:\games\audiosurf\engine\questviewer.exe" = protocol=17 | dir=in | app=d:\games\audiosurf\engine\questviewer.exe | 
"UDP Query User{2222546D-5D98-4B3E-A0E5-A576C7C3CA85}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{32680853-B8FF-4000-8D76-ABD72601BD9C}D:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=d:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game | 
"UDP Query User{39871973-4E03-4A39-9E4F-7A396BCA7527}D:\games\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\games\ea sports\fifa 11\game\fifa.exe | 
"UDP Query User{4E5C6F68-FFB3-4D5B-8DCD-D939DA6C4D85}D:\games\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\games\rockstar games\eflc\eflc.exe | 
"UDP Query User{6CD50FCF-E224-4C7C-8CD9-CE3BEDD2D2D6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{767AE8F5-E882-4B9E-8368-57DA5520FF74}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7799F50A-B7AD-4617-8124-EC274145F957}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"UDP Query User{8F4FF18E-96F3-47D0-A0E1-03975B5BB242}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"UDP Query User{96D4E7A9-9236-4C1B-BA72-9A0872D84EC8}D:\games\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=d:\games\activision\call of duty - world at war\codwaw.exe | 
"UDP Query User{9837E23D-133E-41C7-9B66-CA83D58A076C}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{A0A3FE4A-951B-4A79-98ED-6A64BD00CBFF}D:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=d:\games\electronic arts\alarmstufe rot 3\data\ra3_1.0.game | 
"UDP Query User{A2B2C8A1-E0DC-4352-A235-78FD0986393F}D:\games\team17\worms world party\wwp.exe" = protocol=17 | dir=in | app=d:\games\team17\worms world party\wwp.exe | 
"UDP Query User{B5953CA8-5B0E-49DF-A397-7542606181E7}D:\games\activision\singularity(tm)\binaries\singularity.exe" = protocol=17 | dir=in | app=d:\games\activision\singularity(tm)\binaries\singularity.exe | 
"UDP Query User{B5A03607-1634-4007-9860-D050FB0E2D6F}D:\downloads\call of duty\blackops.exe" = protocol=17 | dir=in | app=d:\downloads\call of duty\blackops.exe | 
"UDP Query User{B79ACB88-5330-49E4-8761-AA3F844F8115}D:\games\electronic arts\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\games\electronic arts\crysis 2\bin32\crysis2.exe | 
"UDP Query User{D2857AB1-ECE4-47C7-8EB9-182BC558C684}D:\games\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\games\rockstar games\eflc\eflc.exe | 
"UDP Query User{D6FFFFD5-E771-49A5-8A77-AC214B8A7977}D:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\games\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{DDDFDBF7-4554-4A52-81BC-8304F1E09774}D:\games\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\games\ea sports\fifa 11\game\fifa.exe | 
"UDP Query User{E79576F0-86B4-4E73-84A9-96B6C7620234}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{F1932243-6986-4130-8AE0-0B07657D244D}D:\games\left4dead\hl2.exe" = protocol=17 | dir=in | app=d:\games\left4dead\hl2.exe | 
"UDP Query User{F5067369-3069-4D97-9B12-25BF5FC85B12}D:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\games\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{636A7142-586A-4DF7-9207-191A2AF5610C}_is1" = AusLogics BoostSpeed
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C07B86C3-1816-4C59-927E-0287925DFB96}" = Garmin City Navigator Europe NT 2010 Update
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D801B39E-CE01-409F-8E7C-B7976EA3C9DC}_is1" = Audiosurf
"{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}" = Garmin POI Loader
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Alarmstufe Rot 3 Der Aufstand
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Alan Wake_is1" = Alan Wake
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.06
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Canon MP160 Benutzerregistrierung" = Canon MP160 Benutzerregistrierung
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"C-Media C6501 Like Sound Driver" = C-Media CM6501 Like Sound Driver
"Crysis 2_is1" = Crysis 2 REPACK [HULUMULUCH]
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"HijackThis" = HijackThis 2.0.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 3.0" = Canon MP Navigator 3.0
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Orbit_is1" = Orbit Downloader
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera-Treiber
"RAGE Rip_is1" = RAGE Rip [HULUMULUCH]
"Steam App 209870" = Blacklight: Retribution
"Steam App 21100" = F.E.A.R. 3
"Steam App 220" = Half-Life 2
"Steam App 43110" = Metro 2033
"SystemRequirementsLab" = System Requirements Lab
"Theme Park World" = Theme Park World
"TIPP10_is1" = TIPP10 Version 2.1.0
"Tropico3" = Tropico 3 1.00
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 0.9.9
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.3.7
"xp-AntiSpy" = xp-AntiSpy 3.97-9
"xvid" = XviD MPEG-4 Video Codec
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1648288272-387162003-2992708448-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.10.2011 01:41:26 | Computer Name = Querizz-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.10.2011 10:55:38 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.10.2011 10:55:38 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.10.2011 10:56:16 | Computer Name = Querizz-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.10.2011 16:30:03 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 09.10.2011 16:30:03 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 09.10.2011 16:30:30 | Computer Name = Querizz-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.10.2011 10:44:48 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 10.10.2011 10:44:48 | Computer Name = Querizz-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 10.10.2011 10:45:14 | Computer Name = Querizz-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.01.2013 19:53:43 | Computer Name = Querizz-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         

Alt 21.01.2013, 12:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
I have caught the following 3 viruses: JAVA/Agent.LP, EXP/JAVA.Ternub.Gen and EXP/CVE-2012-0507.AR
That information is not enough; please post the complete details/logs of the virus scanners, see http://www.trojaner-board.de/125889-...tml#post941520


Please post everything here in CODE tags where possible.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click "Erweitert/Vorschau" (Advanced/Preview) to check whether you did it right. If everything is correct ... click "Antworten" (Reply).