Log analysis and evaluation: Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.07.2011, 22:13 | #16 |
| Great - I'll get started on that right away - should I post the logs all together at the end or after the individual steps? |
02.07.2011, 22:50 | #17 |
| Here comes the GMER log - including a rootkit warning :-( :
Code:
GMER Logfile: |
02.07.2011, 23:17 | #18 |
| Here is the MBR.LOG from WINDOWS\SHELL32 (not C:\)
Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.0.6002 Disk: Hitachi_HDT725025VLA380 rev.V5DOA7BA -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys >>UNKNOWN [0x884AF4D0]<<
C:\Windows\system32\DRIVERS\hpdskflt.sys Hewlett-Packard Corporation Hewlett-Packard Corporation Mobile Data Protection System
1 ntkrnlpa!IofCallDriver[0x8345A912] -> \Device\Harddisk0\DR0[0x876E9728]
3 CLASSPNP[0x83A0C8B3] -> ntkrnlpa!IofCallDriver[0x8345A912] -> [0x8771F2A8]
5 hpdskflt[0x8D5A8F05] -> ntkrnlpa!IofCallDriver[0x8345A912] -> [0x877288A8]
7 acpi[0x8069B6BC] -> ntkrnlpa!IofCallDriver[0x8345A912] -> [0x86D5F5E0]
\Driver\atapi[0x87903C38] -> IRP_MJ_CREATE -> 0x884AF4D0
error: Read Ein an das System angeschlossenes Gerät funktioniert nicht.
kernel: MBR read successfully
user & kernel MBR OK |
02.07.2011, 23:29 | #19 |
| Next, the OTL fix result. Code:
ATTFilter All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully. C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9d81af43-de53-48d0-a199-42c2a226b24c} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d81af43-de53-48d0-a199-42c2a226b24c}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found. Prefs.js: "ICQ Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://start.icq.com/skins7/" removed from browser.startup.homepage Prefs.js: "ICQ Search" removed from browser.search.defaultenginename C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. 
C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. 
C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully. 
C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully. C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml moved successfully. C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully. C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll moved successfully. 
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FF99715-3016-4381-84CE-E4E4C9673020} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ not found. File C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found. File C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{1289D823-E624-5CEE-AB7E-EC96825F68C4} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1289D823-E624-5CEE-AB7E-EC96825F68C4}\ not found. C:\Users\Standard\AppData\Roaming\Arxue\waenw.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\4Y3Y0C3A9F7W1ZYDRRQYR deleted successfully. C:\Recycle.Bin\B6232F3ACEA.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94db7882-308c-11e0-94d3-001e9065ba16}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94db7882-308c-11e0-94d3-001e9065ba16}\ not found. File I:\setup\rsrc\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94db7882-308c-11e0-94d3-001e9065ba16}\ not found. File I:\Directx\dxsetup.exe not found. C:\Users\Standard\AppData\Roaming\Uduzaw folder moved successfully. C:\Users\Standard\AppData\Roaming\Arxue folder moved successfully. C:\Users\Standard\Desktop\nvbbobxg.exe moved successfully. C:\ProgramData\mtbjfghn.xbe moved successfully. ========== FILES ========== C:\iduhsfuisdf folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 3512607 bytes ->Temporary Internet Files folder emptied: 75613148 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 17827437 bytes ->Flash cache emptied: 2479 bytes User: All Users User: ap User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56468 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Standard ->Temp folder emptied: 1401 bytes ->Temporary Internet Files folder emptied: 4563729 bytes ->Java cache emptied: 8676240 bytes ->FireFox cache emptied: 64145542 bytes ->Apple Safari cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 57159 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 55134295 bytes RecycleBin 
emptied: 136011437 bytes Total Files Cleaned = 349,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 07032011_002003 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
03.07.2011, 01:21 | #20 |
| MBAM log: Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 7005
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
03.07.2011 02:20:32
mbam-log-2011-07-03 (02-20-32).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 478024
Laufzeit: 1 Stunde(n), 45 Minute(n), 49 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{1289D823-E624-5CEE-AB7E-EC96825F68C4} (Trojan.ZbotR.Gen) -> Value: {1289D823-E624-5CEE-AB7E-EC96825F68C4} -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Delete on reboot.
Infizierte Dateien:
c:\_OTL\movedfiles\07032011_002003\c_recycle.bin\b6232f3acea.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Recycle.Bin\7cca0afe1ab2866 (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully. |
03.07.2011, 01:40 | #21 |
| And then, last of all, the new OTL logs. Interim info:
OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.07.2011 02:33:57 - Run 5 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Standard\Desktop\Tools Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 61,87% Memory free 6,69 Gb Paging File | 5,51 Gb Available in Paging File | 82,36% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 118,71 Gb Free Space | 50,97% Space Free | Partition Type: NTFS Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe PRC - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\Tools\OTL.exe PRC - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.06.26 11:16:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.06.26 11:16:08 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.06.16 06:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.05.25 17:29:54 | 
001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe PRC - [2011.04.19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe PRC - [2011.01.05 04:58:02 | 000,397,312 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe PRC - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.09.22 18:29:54 | 001,528,320 | ---- | M] (Elgato Systems) -- C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009.03.08 13:34:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ielowutil.exe PRC - [2008.07.11 02:27:52 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008.07.06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMProcess.exe PRC - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe PRC - [2008.06.14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- 
C:\Programme\Keyboard & Mouse Driver\KMCONFIG.exe PRC - [2008.05.30 01:22:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\StartAutorun.exe PRC - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008.04.15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE ========== Modules (SafeList) ========== MOD - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\Tools\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Recovery Service for Windows) SRV - 
[2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.06.10 18:55:48 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.01.15 16:06:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe -- (DfSdkS) SRV - [2008.07.29 18:20:14 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) 
[Auto | Stopped] -- C:\WINDOWS\System32\ATKFUSService.exe -- (ATKFUSService) SRV - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters) SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.01.05 04:19:18 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.01.02 01:04:00 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.11.17 14:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2010.06.10 14:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo) DRV - [2009.07.17 18:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rt61.sys -- (RT61) DRV - [2009.07.17 02:41:49 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.05.14 09:48:04 | 000,762,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UDXTTM6010.sys -- (UDXTTM6010) DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.08.06 17:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.07.29 18:20:16 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf) DRV - [2008.07.29 18:20:16 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb) DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0102.sys -- (RsFx0102) DRV - [2008.04.27 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008.04.27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr) DRV - [2008.04.15 20:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.04.01 13:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KMWDFILTER.sys -- (KMWDFilter)
DRV - [2008.02.29 17:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2007.07.11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004.09.12 09:45:28 | 000,008,320 | ---- | M] (Ruling Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dyncal.sys -- (DynCal)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - user.js..browser.search.openintab: false
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.02 21:15:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.02 14:17:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
[2011.05.29 18:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2010.09.01 10:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.07.03 00:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions
[2009.08.30 11:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\personas@christopher.beard
[2011.06.13 23:05:44 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\plugin@yontoo.com
[2011.07.02 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions
[2011.06.14 18:32:19 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions\ozymandias@securityheroes.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\944s7en5.default\searchplugins\icqplugin.xml
[2011.07.03 00:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.03.10 22:24:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.26 18:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 19:50:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 21:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.13 23:06:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.06.16 06:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011.06.13 23:05:52 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.01.01 10:00:00 | 000,001,180 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml

O1 HOSTS File: ([2011.06.26 18:39:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Programme\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KMCONFIG] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\windows searchqu toolbar\datamngr\datamngr.dll) - c:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.02 20:07:42 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\HpUpdate
[2011.07.02 20:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011.07.02 19:59:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Secunia PSI
[2011.07.02 19:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2011.07.02 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.07.02 15:32:02 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.06.26 18:39:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.25 23:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.25 20:58:50 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Tools
[2011.06.25 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2011.06.25 19:06:09 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.25 19:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.25 19:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.25 19:06:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.25 19:06:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.17 19:49:54 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.06.17 14:43:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.06.17 14:27:36 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\go
[2011.06.17 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.06.14 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2011.06.14 12:32:17 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.06.14 12:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.06.14 12:31:58 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.06.14 12:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.06.13 23:25:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.06.13 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\MediaGet2
[2011.06.13 18:41:09 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Activision
[2011.06.11 16:40:52 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2011.06.11 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.06.11 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\SKIDROW
[2011.06.11 16:37:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.06.11 16:37:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.06.11 10:18:46 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer
[2011.06.11 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games
[2011.06.10 18:53:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2011.06.10 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.06.10 18:53:31 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2009.04.15 13:48:43 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2009.04.15 13:48:43 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2009.04.15 13:48:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll

========== Files - Modified Within 30 Days ==========

[2011.07.03 02:24:41 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.03 02:24:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.03 02:24:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.03 02:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.03 02:24:06 | 3488,997,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.02 23:51:15 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2011.07.02 22:19:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.02 19:59:36 | 000,000,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 15:37:03 | 000,000,702 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:31 | 000,092,782 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.26 19:03:18 | 000,000,020 | ---- | M] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 18:55:24 | 000,736,020 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.26 18:55:24 | 000,696,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.26 18:55:24 | 000,168,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.26 18:55:24 | 000,142,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 18:39:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011.06.26 13:39:00 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:20:54 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.26 11:14:23 | 000,003,450 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\.1
[2011.06.25 23:18:05 | 002,250,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.18 16:27:04 | 000,010,580 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:13 | 000,101,980 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.06.16 11:03:38 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.16 11:01:19 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.13 10:54:37 | 000,022,328 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.06.12 08:35:07 | 000,002,032 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2011.06.11 16:38:59 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2011.07.02 23:52:36 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2011.07.02 19:59:36 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 19:59:36 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011.07.02 15:36:58 | 000,000,702 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:27 | 000,092,782 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.06.26 19:02:56 | 000,000,020 | ---- | C] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 13:39:00 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 11:14:21 | 000,003,450 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\.1
[2011.06.25 20:55:07 | 3488,997,376 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.18 16:27:00 | 000,010,580 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:09 | 000,101,980 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.18 10:16:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.06.17 14:28:58 | 000,001,589 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.06.11 16:38:59 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.04.22 10:53:20 | 000,104,272 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.22 17:21:53 | 000,022,328 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.01.05 04:17:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.08 19:35:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.02 19:47:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.10.28 00:13:58 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.07.02 17:49:56 | 000,762,232 | ---- | C] () -- C:\Windows\System32\drivers\UDXTTM6010.sys
[2010.02.27 17:35:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.02.11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010.02.07 12:42:46 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.02.07 12:42:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp4ml3.dll
[2009.12.12 19:12:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.26 16:23:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\AlfaBIG32.dll
[2009.09.24 15:26:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 15:26:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.31 14:03:42 | 000,262,144 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2009.05.24 11:58:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.24 11:50:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.04.27 19:29:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.04.27 19:29:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2009.04.17 12:11:26 | 000,020,480 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.15 13:48:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2009.04.15 13:48:44 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2009.04.15 13:48:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009.04.15 13:48:44 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2009.04.15 13:38:56 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 21:28:16 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.02.20 12:21:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.28 10:08:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.01.28 09:51:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.27 17:39:37 | 000,002,032 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2008.09.29 00:09:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.02 18:10:15 | 000,736,020 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.07.02 18:10:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.07.02 18:10:15 | 000,168,278 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.07.02 18:10:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.07.02 09:51:54 | 000,008,308 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008.03.05 05:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.09.20 12:33:52 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2007.09.20 12:33:52 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll
[2007.09.20 12:33:52 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.20 12:33:52 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2007.09.20 12:33:52 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2007.09.20 12:33:52 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2007.09.20 12:33:52 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2007.09.20 12:33:52 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2007.09.20 12:33:52 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2007.09.20 12:33:52 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2007.09.20 12:33:52 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2007.09.20 12:33:52 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2007.09.20 12:33:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007.09.20 12:33:52 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll
[2007.09.20 12:33:52 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2007.09.20 12:33:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2007.09.20 12:33:52 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2007.09.20 12:33:52 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2007.09.20 12:33:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,250,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.02.23 18:37:18 | 000,047,104 | ---- | C] () -- C:\Windows\System32\dsfFLACEncoder.dll
[2006.02.23 17:37:06 | 000,047,616 | ---- | C] () -- C:\Windows\System32\dsfVorbisDecoder.dll
[2006.02.23 17:36:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dsfOggDemux2.dll
[2006.02.23 17:35:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfOGMDecoder.dll
[2006.02.23 17:35:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfNativeFLACSource.dll
[2006.02.23 17:35:40 | 000,049,664 | ---- | C] () -- C:\Windows\System32\dsfFLACDecoder.dll
[2006.02.23 17:34:58 | 000,083,456 | ---- | C] () -- C:\Windows\System32\libFLAC++.dll
[2006.02.23 17:34:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\libFishSound.dll
[2006.02.23 17:34:38 | 000,029,696 | ---- | C] () -- C:\Windows\System32\libOOOggSeek.dll
[2006.02.23 17:34:26 | 001,108,480 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2006.02.23 17:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\System32\libOOogg.dll
[2006.02.23 17:33:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2005.04.08 04:16:43 | 000,014,716 | -H-- | C] () -- C:\Users\Standard\AppData\Roaming\Standardlog.dat
[2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\System32\ASUSASV2.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2010.12.31 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Cuttermaran
[2010.12.31 22:15:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoft
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 18:12:35 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Engelmann Media
[2010.11.14 22:48:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\flightgear.org
[2011.01.21 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\GetRightToGo
[2011.06.17 14:27:36 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\go
[2011.02.26 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\HLSW
[2011.07.03 02:31:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\ICQ
[2011.06.25 20:53:35 | 000,000,000 | RHSD | M] -- C:\Users\Standard\AppData\Roaming\install
[2010.10.20 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\InstantAction
[2009.07.23 16:37:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\IrfanView
[2010.11.08 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\JavaEditor
[2010.12.07 16:22:23 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Leadertech
[2009.06.06 17:57:37 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Miranda
[2011.02.07 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Opera
[2011.07.02 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Samsung
[2011.06.14 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2009.12.15 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SpeedProject
[2010.07.02 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\TerraTec
[2010.09.01 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Thunderbird
[2010.02.12 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Webweaver
[2011.02.07 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WhiteSmoke
[2009.04.17 13:09:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WildTangent
[2009.04.06 12:04:41 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WinBatch
[2011.07.03 02:38:37 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

EXTRAS:
OTL Logfile:
Code:
OTL Extras logfile created on: 03.07.2011 02:33:57 - Run 5
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Standard\Desktop\Tools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 61,87% Memory free
6,69 Gb Paging File | 5,51 Gb Available in Paging File | 82,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,71 Gb Free Space | 50,97% Space Free | Partition Type: NTFS

Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{065DD2F7-9920-439F-BD04-0E3073B25533}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{0B4A45E2-5CFD-4367-A421-244382F6B85F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0C02E0C5-C730-45F9-8905-761654C45C4C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{19FE9E3E-85FF-4569-BDD9-2DDD3E02D8B9}" = rport=139 | protocol=6 | dir=out | app=system | "{1C27ED59-8710-4B0D-81D3-7BC5A81855C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2390DA5F-FFA4-4E25-8164-F16A9C9E2864}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{244264B0-7A1F-4F91-AFFE-084BE4DCC019}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{32ABC149-73D7-4A82-8A77-4C990C7FBC1E}" = lport=138 | protocol=17 | dir=in | app=system | "{4C795BFC-BF53-49FE-B563-0C194924175A}" = lport=137 | protocol=17 | dir=in | app=system | "{4D7AC7AB-C92E-4D3C-9C8F-FCC13AC552EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{50EE43AD-15DA-46D3-9D61-E8AC076E637D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{554EC450-094C-43C9-ABBC-FAA54658E75A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5CB26342-473C-436A-818A-D8DC91F8C91D}" = lport=2869 | protocol=6 | dir=in | app=system | "{5F207028-1998-4794-BA7C-E1A9D1C3B6DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | 
app=%systemroot%\system32\svchost.exe | "{631D8B3A-529D-416D-97D7-8B813DF2E8ED}" = lport=10243 | protocol=6 | dir=in | app=system | "{64E52F38-D611-43E3-A9A1-1B251E8D6A64}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{6E207099-C83C-458D-AED4-B2916C048D28}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{73526175-250A-4798-BAB6-6D82636F8BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{89EFE265-E1A6-4E88-9421-A3A669E63357}" = rport=445 | protocol=6 | dir=out | app=system | "{9DFA0E9D-39C3-4D22-B3E6-32EE73ED76A5}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{A97E9E66-E36A-4A83-ACFB-2796A1A533F2}" = rport=137 | protocol=17 | dir=out | app=system | "{ADA6E7CA-0EBA-453C-BE48-BEB2714AD344}" = lport=139 | protocol=6 | dir=in | app=system | "{B21D5DA9-4407-4FFD-B791-72FB4E250912}" = lport=28960 | protocol=6 | dir=in | name=cod4 | "{B3137CA7-6526-44DF-ADBA-BD51F36991D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{B42E7AEE-6A2B-4343-9461-0AB0DC54BFDD}" = rport=10243 | protocol=6 | dir=out | app=system | "{B71098B0-C5F3-4858-986A-0EBC051D6732}" = rport=138 | protocol=17 | dir=out | app=system | "{BE6126A6-6ADB-4259-AD06-908C8BC5D1DA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{C71B8A78-D6B2-419A-89DB-50CE72190F8E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{C967780B-3F94-4760-B0B7-F63F6DDBA795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CA7DCB4F-B4AE-433A-8754-0E19DB0FEE8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{DB1D00AB-4B99-47D6-80EF-A28E3F19A1DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | 
app=%systemroot%\system32\svchost.exe | "{DD559780-8A6B-4BC0-BC71-B2B04EABF550}" = lport=2869 | protocol=6 | dir=in | app=system | "{E28EF668-EBF9-49D5-88ED-AE89CAAB5EA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F37075E6-DF8E-4CE3-8407-29548006EB07}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F390B772-40D8-4A76-A5FD-AB50DE6A1E24}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{F87DB93A-8A65-40BC-B857-B65B4BA22872}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0014C0BA-205B-4149-9B05-CB56F8A58915}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0065883F-1A8C-4049-BB2C-655E4C7925EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05903F01-EA69-4353-9C67-9C94EEA1612C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0BB9F8C3-4F11-424E-BFB3-15F548B0125A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 | "{101C2C69-BA7E-4E1B-B48E-F61A753E6F2D}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "{124E7BD5-10E7-4656-8052-A4F3AB8835C0}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | "{15485653-9FE8-493B-970C-CA1D515C528B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | "{18795C90-77AF-4158-8F40-40F42D078CC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1C53FC2B-B566-4552-951D-A53628B51D17}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{25EE3E7C-763D-4185-B9EB-CEA780989E0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{28473026-2D1B-4B77-BA84-A0E5A2704323}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{30BB68EA-0214-404F-BCE5-41BE3FF888AE}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "{30E64870-44A9-4CB1-9B14-022684A60092}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "{32A61BFF-3438-4AE3-AE81-BC950957B6D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3791B316-7D65-4CA0-B0A8-FAF740333710}" = protocol=6 | dir=out | app=system | "{3FCBC69B-B200-4D06-86F4-2585B4E2B40A}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | "{3FF7E4F4-1BD6-4F05-812B-CAD61DFE9F36}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | "{4157F447-19CF-40DB-8335-98EF1A108E7C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "{4A65E5CC-988B-407B-B52D-86B9AA240978}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{552CFEF1-E7AC-4F88-B2BE-3D3923DB85E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5C08BDCB-4901-4D28-BEBC-74BF2D081CFB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{5E119DE7-1CBA-4835-A38B-C73660D18C12}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{5E1DD7FB-1178-4F48-8CF7-FF7033109253}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{7389CCD4-CDF6-44CA-9CCE-BB46741CBEE1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{760A8222-C06E-4840-936B-E9772ABC432C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "{78EC60A4-320B-496B-90ED-4AC3BF99A198}" = dir=in | app=c:\program files\itunes\itunes.exe | "{79B8B291-80E7-4FEF-B068-B64791611776}" = protocol=6 | dir=in | app=c:\program 
files\icq7.5\icq.exe | "{816512E6-EB29-4A08-A763-F3F8B821ACF3}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | "{914D7F33-6967-429F-81A6-3BCAE17F8E82}" = protocol=58 | dir=in | app=system | "{94268DF4-9A05-4B8C-9827-1B9DCBE40164}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{9ED55FC4-B4B7-4E8A-9CBA-EE8426BAA40C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | "{A55090BD-3654-4CA8-B53A-2B245B5696BB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | "{AA0080CB-4788-4EFD-90A3-671B3D63338C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AA088164-E56B-41C3-83E2-2FF443077B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AB27CB8B-A6B2-4973-9FCD-8C2C84CE3EE0}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{AF00C150-65A5-4FF6-8E54-9AC6EDD6D7ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B0D26DA5-42DC-43F7-86D9-4EBE7028F6C4}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | "{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{BD3DE542-BFC0-4706-8BF9-F01D4DFC19B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C217537B-B728-4A63-AF21-D8BBEDD0A6D6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{CD9B160B-8168-4AD0-B412-5CE56F9B14C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D186763E-6348-4F41-9995-266F79B5B465}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{D7B0126E-A388-42F1-9E3F-0AF030D5AAE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E63AA1F5-9F20-400F-882D-B4EFCAC06DD9}" = protocol=17 | dir=in | 
app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{F5D562D9-BB0A-453C-8235-2EE11FA2CA05}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{F70A60BC-FB90-488C-9A0A-9593A5C86E02}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FD224169-2DDE-4920-98BA-87D4FCE00EE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{1252B7A3-20B5-4984-9EEC-FC575FE3D48C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{14CFB5A8-3160-455C-BBA4-8C5559078E69}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{2762A398-F718-46BF-B017-5D812D1F8D2C}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{390503DC-5D29-4BD4-BD9E-F9B7E17D7E4B}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "TCP Query User{6144204B-BEE8-4BA1-988C-6C07E207584A}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{6458BF47-D5DB-4246-ACAA-E26C67DF6FDF}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "TCP Query User{74F68D95-45CC-49D9-8A64-3AC2082985A7}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | "TCP Query User{786FF187-6C2F-4FC2-8C95-7930B451FD58}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | 
app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{7F8CDB64-BF21-4BA3-91A2-CF9D633215D2}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | "TCP Query User{872D96FE-0E56-470A-A1D8-F482D6048F2A}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "TCP Query User{A8EB65FC-DAA5-442B-AA29-18E0A7F97345}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{AA420A76-7CCE-44D4-8259-EB9908F3712E}C:\program files\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "TCP Query User{C9B165C1-843F-41F3-B36D-97BA636FA56E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{F138B2A5-F65F-4513-A1FF-FCCF7B3CDDBD}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{F377A149-BE65-4496-89CF-FEA21E562E38}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{F99B2A89-36B4-474C-BB93-C5DE3080D993}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | "TCP Query User{F9C3A6F8-F4B2-4141-A706-616A6BD14FA7}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | "UDP Query User{06EE2C64-6C67-49C8-B376-BB12EE07710B}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | "UDP Query User{29CA7137-E326-49C6-9D69-F7747D5AD4E1}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | 
app=c:\program files\skype\phone\skype.exe | "UDP Query User{2A8D35C6-001F-4884-AE7D-CC32CB63E06D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{361CA2A3-8DA2-49A4-9F06-B025BE31C50F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{39C842B5-4590-40BE-9A91-032612CBDF25}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{3BC66CCF-CEB8-4FFF-BED7-64DDE74307F3}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "UDP Query User{564ADE94-4393-477D-82AE-87271E387483}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | "UDP Query User{65503A8D-A917-4717-B542-6D5D242B1CBE}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "UDP Query User{65D4A092-3E9E-43A5-AF88-BA714B8FE44E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{885BD7D7-8898-4199-9B60-93E0D4542C68}C:\program files\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "UDP Query User{8F5E2C06-987E-41AF-8105-BD5A9EA7614C}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "UDP Query User{BA548024-5A37-4861-BB9C-324BEB654C7C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{BEA529BB-B7C7-4F6A-A3F3-9D02FADED7EC}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program 
files\asus\gamerosd\sbs.exe | "UDP Query User{CDBB24A0-0C27-403D-9323-1580F5ACC006}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{D836FB33-9916-444D-95E2-F09E7097F5CD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{E3A6A25B-22A3-4814-B0D8-AD7E07A5BDB8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{E437B427-9A45-48F2-8160-3A63E287A3C0}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0AAFCFAF-5544-EEAF-189B-C85B138112D1}" = ATI Catalyst Install Manager 
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{283CF61A-FAB6-4690-0001-05B15D792AC7}" = freeTunes*2.0 "{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English) "{30A68EDA-53FA-43B5-8007-D18ED1F61659}" = Jollenbeck "{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = 
Java(TM) 6 Update 5 "{32BC62C5-32B9-F838-ADD4-CFEF544C6888}" = ccc-core-static "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2 "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2 "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services 
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{771ABEA0-23AF-8F8E-63FE-168779F294B6}" = CCC Help English "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes "{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable 
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01 "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8B128562-681D-4FFA-BEBF-A825985B2CB9}" = AirPlus G DWL-G510 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = 
Paint.NET v3.5.8 "{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{9F238A60-C445-4B81-8EDE-07DC924E98F8}" = HP MULTIPLE MODEM INSTALLER for VISTA "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A1399B3E-93A8-E865-EC9B-6B452E3094E5}" = Catalyst Control Center InstallProxy "{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "{BA6C526C-F50F-4F7D-920D-D55075E25C55}" = SPEED-LINK STEERING WHEEL DRIVER v4.1 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE4D9AE7-48F8-3A24-5C68-E064153618D3}" = Catalyst Control Center InstallProxy "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = 
Windows Live Photo Common "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C92C89BB-1D11-C8D5-1584-D5259818479A}" = ccc-utility "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DB837331-6864-4B66-7248-4CB823DB4222}" = Catalyst Control Center InstallProxy "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker 
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F47C09DB-746B-2ABA-819B-8FC759034E74}" = Catalyst Control Center Graphics Previews Common "{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam AC-140 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Agere Systems Soft Modem" = Agere Systems HDA Modem "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50 "AIM_6" = AIM "Ashampoo WinOptimizer 2010_is1" = Ashampoo WinOptimizer 2010 "Avira AntiVir Desktop" = Avira AntiVir Premium "BiosAgentPlus" = 
BiosAgentPlus Plugin for Netscape by eSupport.com "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "dlanconf" = devolo dLAN-Konfigurationsassistent "dslmon" = devolo Informer "EasyBits Magic Desktop" = Magic Desktop "Finale NotePad 2008" = Finale NotePad 2008 "FormatFactory" = FormatFactory 2.60 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Studio_is1" = Free Studio version 5.0.3 "Free Video Dub_is1" = Free Video Dub version 1.4 "Free YouTube Download_is1" = Free YouTube Download 2.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "FreePDF_XP" = FreePDF XP (Remove only) "Get Styles" = Get Styles "GPL Ghostscript 8.64" = GPL Ghostscript 8.64 "HLSW_is1" = HLSW v1.3.3.7b "ICQToolbar" = ICQ Toolbar "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of 
Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "IrfanView" = IrfanView (remove only) "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200 "MegaTrainer XL_is1" = MegaTrainer XL V1.4.5.3-Beta "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB) "Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11) "NetworkActiv AUTAPF 1.1" = NetworkActiv AUTAPF 1.1 "Notepad++" = Notepad++ "Redirection Port Monitor" = RedMon - Redirection Port Monitor "s4uVoctra" = s4uVoctra "Samsung ML-191x 252x Series" = Wartung Samsung ML-191x 252x Series "Searchqu MediaBar" = Windows Searchqu Toolbar "Secunia PSI" = Secunia PSI (2.0.0.3003) "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6 "Uninstall_is1" = Uninstall 1.0.0.1 "ViewpointMediaPlayer" = Viewpoint Media Player "Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions "WashAndGo_is1" = WashAndGo "WildTangent hp Master 
Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xvid" = XviD MPEG-4 Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02.07.2011 17:00:08 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.07.2011 17:08:39 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x06a096f8, Prozess-ID 0x1234, Anwendungsstartzeit 01cc38faa22cc7ac.
Error - 02.07.2011 17:14:43 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.07.2011 17:22:50 | Computer Name = Tobias-PC | Source = Perflib | ID = 1008
Description =
Error - 02.07.2011 17:22:50 | Computer Name = Tobias-PC | Source = Perflib | ID = 1010
Description =
Error - 02.07.2011 18:11:46 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul urlmon.dll, Version 8.0.6001.19048, Zeitstempel 0x4d6355e2, Ausnahmecode 0xc0000005, Fehleroffset 0x0003e35a, Prozess-ID 0x1130, Anwendungsstartzeit 01cc38fc54f2cffc.
Error - 02.07.2011 18:14:57 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.07.2011 18:23:39 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.07.2011 18:32:29 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x0532dc18, Prozess-ID 0x454, Anwendungsstartzeit 01cc39067820b302.
Error - 02.07.2011 20:25:52 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 31.03.2011 10:52:14 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 01.04.2011 11:39:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 01.04.2011 15:39:28 | Computer Name = Tobias-PC | Source = DCOM | ID = 10016
Description =
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.04.2011 11:19:05 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 02.04.2011 11:19:07 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >
[/CODE]
And now I'll take a 'short' break :-)) - happy to continue on Sunday! Regards, T |
03.07.2011, 06:07 | #22 | ||
/// Helper Team | Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow
Your <MBR> is probably (also) infected, therefore: The Master Boot Record (MBR) of the first hard disk is loaded when the computer starts, before the operating system. Code residing there can, in principle, control the operating system.
If you decide on a system cleanup instead of Format C:\, this is how to continue:
1. Uninstall (if it still exists; otherwise look for leftovers and delete them if necessary): Quote:
Quote:
2. TDSSKiller by Kaspersky
__________________ Warning!: Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard disks, ideally twice in different locations! Please pass this warning on wherever you can! Edited by kira (03.07.2011 at 06:28) |
03.07.2011, 09:59 | #23 |
| Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow Good morning! Since I regard format c:\ as really the very last option, I continued with Kaspersky. Logfile: Code:
ATTFilter 2011/07/03 10:46:37.0838 5216 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/07/03 10:46:38.0114 5216 ================================================================================
2011/07/03 10:46:38.0114 5216 SystemInfo:
2011/07/03 10:46:38.0114 5216
2011/07/03 10:46:38.0114 5216 OS Version: 6.0.6002 ServicePack: 2.0
2011/07/03 10:46:38.0114 5216 Product type: Workstation
2011/07/03 10:46:38.0114 5216 ComputerName: TOBIAS-PC
2011/07/03 10:46:38.0114 5216 UserName: Standard
2011/07/03 10:46:38.0114 5216 Windows directory: C:\Windows
2011/07/03 10:46:38.0114 5216 System windows directory: C:\Windows
2011/07/03 10:46:38.0114 5216 Processor architecture: Intel x86
2011/07/03 10:46:38.0114 5216 Number of processors: 2
2011/07/03 10:46:38.0114 5216 Page size: 0x1000
2011/07/03 10:46:38.0114 5216 Boot type: Normal boot
2011/07/03 10:46:38.0114 5216 ================================================================================
2011/07/03 10:46:39.0312 5216 Initialize success
2011/07/03 10:46:46.0762 4860 ================================================================================
2011/07/03 10:46:46.0762 4860 Scan started
2011/07/03 10:46:46.0762 4860 Mode: Manual;
2011/07/03 10:46:46.0762 4860 ================================================================================
C:\Windows\system32\drivers\tdtcp.sys 2011/07/03 10:47:00.0066 4860 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/07/03 10:47:00.0126 4860 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/07/03 10:47:00.0200 4860 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/07/03 10:47:00.0223 4860 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/07/03 10:47:00.0260 4860 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/07/03 10:47:00.0339 4860 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/07/03 10:47:00.0402 4860 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/07/03 10:47:00.0455 4860 UDXTTM6010 (328762250ddf538cf007cf692dd6e934) C:\Windows\system32\DRIVERS\UDXTTM6010.sys 2011/07/03 10:47:00.0562 4860 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/07/03 10:47:00.0592 4860 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/07/03 10:47:00.0609 4860 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/07/03 10:47:00.0680 4860 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/07/03 10:47:00.0708 4860 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/07/03 10:47:00.0795 4860 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 2011/07/03 10:47:00.0823 4860 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/07/03 10:47:00.0853 4860 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/07/03 10:47:00.0920 4860 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/07/03 10:47:00.0956 4860 usbhub 
(4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/07/03 10:47:01.0010 4860 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2011/07/03 10:47:01.0031 4860 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/07/03 10:47:01.0095 4860 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/07/03 10:47:01.0128 4860 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/07/03 10:47:01.0162 4860 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/07/03 10:47:01.0229 4860 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/07/03 10:47:01.0252 4860 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/07/03 10:47:01.0286 4860 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/07/03 10:47:01.0339 4860 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/07/03 10:47:01.0362 4860 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/07/03 10:47:01.0429 4860 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/07/03 10:47:01.0456 4860 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/07/03 10:47:01.0504 4860 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/07/03 10:47:01.0522 4860 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/07/03 10:47:01.0604 4860 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/07/03 10:47:01.0632 4860 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/03 10:47:01.0644 4860 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/03 
10:47:01.0677 4860 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/07/03 10:47:01.0707 4860 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/07/03 10:47:01.0818 4860 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 2011/07/03 10:47:01.0986 4860 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/07/03 10:47:02.0146 4860 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/07/03 10:47:02.0199 4860 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/07/03 10:47:02.0242 4860 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/07/03 10:47:02.0337 4860 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0 2011/07/03 10:47:02.0343 4860 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0) 2011/07/03 10:47:02.0359 4860 Boot (0x1200) (53e27fa1723027623e36ce56224b0f32) \Device\Harddisk0\DR0\Partition0 2011/07/03 10:47:02.0365 4860 ================================================================================ 2011/07/03 10:47:02.0365 4860 Scan finished 2011/07/03 10:47:02.0365 4860 ================================================================================ 2011/07/03 10:47:02.0379 5580 Detected object count: 1 2011/07/03 10:47:02.0379 5580 Actual detected object count: 1 2011/07/03 10:47:17.0667 5580 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot 2011/07/03 10:47:17.0667 5580 \Device\Harddisk0\DR0 - ok 2011/07/03 10:47:17.0668 5580 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure 2011/07/03 10:47:24.0443 5696 Deinitialize success |
03.07.2011, 10:10 | #24 |
| I was already quite hopeful :-) - but apparently it is still (?) too early: the Security Center warning is still there. |
03.07.2011, 10:21 | #25 |
| The AVIRA scan I (optimistically) started did not run to completion; I am attaching the error message here. |
03.07.2011, 12:51 | #26 |
| Since the issue is obviously not resolved yet, I am attaching the current logs here once more: 1. OTL.TXT OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.07.2011 13:34:41 - Run 6 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Standard\Desktop\Tools Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 59,02% Memory free 6,73 Gb Paging File | 5,73 Gb Available in Paging File | 85,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 118,58 Gb Free Space | 50,92% Space Free | Partition Type: NTFS Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe PRC - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\Tools\OTL.exe PRC - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.06.26 11:16:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.06.26 11:16:08 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) 
-- C:\Programme\LogMeIn Hamachi\hamachi-2.exe PRC - [2011.04.19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe PRC - [2011.01.05 04:58:02 | 000,397,312 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe PRC - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.09.22 18:29:54 | 001,528,320 | ---- | M] (Elgato Systems) -- C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.07.11 02:27:52 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008.07.06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMProcess.exe PRC - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe PRC - [2008.06.14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMCONFIG.exe PRC - [2008.05.30 01:22:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\StartAutorun.exe PRC - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage 
Manager\IAANTmon.exe PRC - [2008.04.15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE ========== Modules (SafeList) ========== MOD - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\Tools\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Recovery Service for Windows) SRV - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - 
[2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.06.10 18:55:48 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.01.15 16:06:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.07.29 18:20:14 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) 
[Auto | Stopped] -- C:\WINDOWS\System32\ATKFUSService.exe -- (ATKFUSService) SRV - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters) SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.01.05 04:19:18 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.01.02 01:04:00 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.11.17 14:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2010.06.10 14:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo) DRV - [2009.07.17 18:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rt61.sys -- (RT61) DRV - [2009.07.17 02:41:49 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.05.14 09:48:04 | 000,762,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UDXTTM6010.sys -- (UDXTTM6010) DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.08.06 17:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.07.29 18:20:16 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf) DRV - [2008.07.29 18:20:16 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb) DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0102.sys -- (RsFx0102) DRV - [2008.04.27 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008.04.27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr) DRV - [2008.04.15 20:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.04.01 13:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008.03.22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KMWDFILTER.sys -- (KMWDFilter) DRV - [2008.01.24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir) DRV - [2007.07.11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325) DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc) DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004.09.12 09:45:28 | 000,008,320 | ---- | M] (Ruling Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dyncal.sys -- (DynCal) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. 
File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - user.js..browser.search.openintab: false FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.03 10:39:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.02 14:17:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M] [2011.05.29 18:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions [2010.09.01 10:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.07.03 00:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions [2009.08.30 
11:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\personas@christopher.beard [2011.06.13 23:05:44 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\plugin@yontoo.com [2011.07.02 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions [2011.06.14 18:32:19 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions\ozymandias@securityheroes.com [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\944s7en5.default\searchplugins\icqplugin.xml [2011.07.03 10:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.03.10 22:24:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.06.26 18:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.14 19:50:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.08 21:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.06.13 23:06:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.06.13 23:05:52 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.06.26 18:39:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Programme\Get Styles\enlbrdr.dll (TODO: <Company name>) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [KMCONFIG] File not found O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe () O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm () O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm () O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - 
C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - Reg Error: Key error. 
File not found O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\windows searchqu toolbar\datamngr\datamngr.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\System32\ezShellStart.exe (EasyBits Software AS) O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\System32\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.02 20:07:42 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\HpUpdate [2011.07.02 20:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard [2011.07.02 19:59:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Secunia PSI [2011.07.02 19:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Secunia [2011.07.02 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.07.02 15:32:02 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.06.26 18:39:42 | 000,000,000 | ---D | C] -- C:\_OTL [2011.06.25 23:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- 
C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.06.25 20:58:50 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Tools [2011.06.25 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes [2011.06.25 19:06:09 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.06.25 19:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.25 19:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.06.25 19:06:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.06.25 19:06:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.06.17 19:49:54 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2011.06.17 14:43:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.06.17 14:27:36 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\go [2011.06.17 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO [2011.06.14 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes [2011.06.14 12:32:17 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) 
-- C:\Windows\System32\hamachi.sys [2011.06.14 12:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.06.14 12:31:58 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi [2011.06.14 12:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2011.06.13 23:25:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers [2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2011.06.13 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\MediaGet2 [2011.06.13 18:41:09 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Activision [2011.06.11 16:40:52 | 000,000,000 | ---D | C] -- C:\Programme\THQ [2011.06.11 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.06.11 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\SKIDROW [2011.06.11 16:37:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.06.11 16:37:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.06.11 10:18:46 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer [2011.06.11 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games [2011.06.10 18:53:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam [2011.06.10 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.06.10 18:53:31 | 000,000,000 | ---D | C] -- C:\Programme\Steam [2009.04.15 13:48:43 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll [2009.04.15 13:48:43 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll [2009.04.15 13:48:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll ========== Files - Modified Within 30 Days ========== [2011.07.03 13:19:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.07.03 13:02:11 | 000,003,216 | 
-H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.03 13:02:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.03 11:02:24 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.07.03 11:02:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.03 11:02:05 | 3488,997,376 | -HS- | M] () -- C:\hiberfil.sys [2011.07.03 10:39:23 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.07.03 10:17:11 | 000,012,142 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110703_101707.reg [2011.07.02 23:51:15 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe [2011.07.02 19:59:36 | 000,000,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011.07.02 15:37:03 | 000,000,702 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg [2011.07.02 15:36:31 | 000,092,782 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011.06.26 19:03:18 | 000,000,020 | ---- | M] () -- C:\Users\Standard\defogger_reenable [2011.06.26 18:55:24 | 000,736,020 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.26 18:55:24 | 000,696,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.26 18:55:24 | 000,168,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.26 18:55:24 | 000,142,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.26 18:39:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011.06.26 13:39:00 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.06.26 13:20:54 | 
000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.06.26 11:14:23 | 000,003,450 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg [2011.06.25 23:29:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\.1 [2011.06.25 23:18:05 | 002,250,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.06.18 16:27:04 | 000,010,580 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg [2011.06.18 10:19:13 | 000,101,980 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg [2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011.06.16 11:03:38 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2011.06.16 11:01:19 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2011.06.13 10:54:37 | 000,022,328 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys [2011.06.12 08:35:07 | 000,002,032 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat [2011.06.11 16:38:59 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk ========== Files Created - No Company Name ========== [2011.07.03 10:39:23 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.07.03 10:17:09 | 000,012,142 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110703_101707.reg [2011.07.02 23:52:36 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe [2011.07.02 19:59:36 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011.07.02 19:59:36 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2011.07.02 15:36:58 | 000,000,702 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg [2011.07.02 15:36:27 | 000,092,782 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg [2011.06.26 19:02:56 | 000,000,020 | 
---- | C] () -- C:\Users\Standard\defogger_reenable [2011.06.26 13:39:00 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.06.26 11:14:21 | 000,003,450 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg [2011.06.25 23:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\.1 [2011.06.25 20:55:07 | 3488,997,376 | -HS- | C] () -- C:\hiberfil.sys [2011.06.18 16:27:00 | 000,010,580 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg [2011.06.18 10:19:09 | 000,101,980 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg [2011.06.18 10:16:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk [2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2011.06.17 14:28:58 | 000,001,589 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk [2011.06.11 16:38:59 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.04.22 10:53:20 | 000,104,272 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.02.22 17:21:53 | 000,022,328 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys [2011.01.05 04:17:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2010.12.08 19:35:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.12.02 19:47:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.10.28 00:13:58 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2010.07.02 17:49:56 | 000,762,232 | ---- | C] () -- C:\Windows\System32\drivers\UDXTTM6010.sys [2010.02.27 17:35:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.02.11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll [2010.02.07 
12:42:46 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe [2010.02.07 12:42:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp4ml3.dll [2009.12.12 19:12:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.09.26 16:23:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\AlfaBIG32.dll [2009.09.24 15:26:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.24 15:26:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.08.31 14:03:42 | 000,262,144 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll [2009.05.24 11:58:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2009.05.24 11:50:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009.04.27 19:29:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2009.04.27 19:29:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2009.04.17 12:11:26 | 000,020,480 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.04.15 13:48:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe [2009.04.15 13:48:44 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe [2009.04.15 13:48:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2009.04.15 13:48:44 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini [2009.04.15 13:38:56 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2009.04.14 21:28:16 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.04.14 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.02.20 12:21:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.01.28 10:08:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2009.01.28 09:51:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.01.27 17:39:37 | 000,002,032 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat [2008.09.29 00:09:32 | 003,107,788 | 
---- | C] () -- C:\Windows\System32\atiumdva.dat [2008.07.02 18:10:15 | 000,736,020 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.07.02 18:10:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.07.02 18:10:15 | 000,168,278 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.07.02 18:10:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.07.02 09:51:54 | 000,008,308 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat [2008.03.05 05:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2007.09.20 12:33:52 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll [2007.09.20 12:33:52 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll [2007.09.20 12:33:52 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2007.09.20 12:33:52 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll [2007.09.20 12:33:52 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll [2007.09.20 12:33:52 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll [2007.09.20 12:33:52 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll [2007.09.20 12:33:52 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2007.09.20 12:33:52 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2007.09.20 12:33:52 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll [2007.09.20 12:33:52 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2007.09.20 12:33:52 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2007.09.20 12:33:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2007.09.20 12:33:52 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll [2007.09.20 12:33:52 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll [2007.09.20 12:33:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2007.09.20 12:33:52 | 
000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2007.09.20 12:33:52 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2007.09.20 12:33:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 002,250,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,696,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,142,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.02.23 18:37:18 | 000,047,104 | ---- | C] () -- C:\Windows\System32\dsfFLACEncoder.dll [2006.02.23 17:37:06 | 000,047,616 | ---- | C] () -- C:\Windows\System32\dsfVorbisDecoder.dll [2006.02.23 17:36:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dsfOggDemux2.dll [2006.02.23 17:35:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfOGMDecoder.dll [2006.02.23 17:35:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfNativeFLACSource.dll [2006.02.23 17:35:40 | 000,049,664 | ---- | C] () -- C:\Windows\System32\dsfFLACDecoder.dll [2006.02.23 17:34:58 | 000,083,456 | ---- | C] () -- C:\Windows\System32\libFLAC++.dll [2006.02.23 17:34:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\libFishSound.dll [2006.02.23 17:34:38 | 
000,029,696 | ---- | C] () -- C:\Windows\System32\libOOOggSeek.dll [2006.02.23 17:34:26 | 001,108,480 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2006.02.23 17:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\System32\libOOogg.dll [2006.02.23 17:33:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2005.04.08 04:16:43 | 000,014,716 | -H-- | C] () -- C:\Users\Standard\AppData\Roaming\Standardlog.dat [2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\System32\ASUSASV2.DLL [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI ========== LOP Check ========== [2010.12.31 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Cuttermaran [2010.12.31 22:15:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoft [2010.12.31 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers [2009.12.11 18:12:35 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Engelmann Media [2010.11.14 22:48:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\flightgear.org [2011.01.21 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\GetRightToGo [2011.06.17 14:27:36 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\go [2011.02.26 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\HLSW [2011.07.03 10:50:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\ICQ [2011.06.25 20:53:35 | 000,000,000 | RHSD | M] -- C:\Users\Standard\AppData\Roaming\install [2010.10.20 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\InstantAction [2009.07.23 16:37:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\IrfanView [2010.11.08 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\JavaEditor [2010.12.07 16:22:23 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Leadertech [2009.06.06 17:57:37 | 000,000,000 | 
---D | M] -- C:\Users\Standard\AppData\Roaming\Miranda
[2011.02.07 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Opera
[2011.07.02 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Samsung
[2011.06.14 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2009.12.15 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SpeedProject
[2010.07.02 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\TerraTec
[2010.09.01 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Thunderbird
[2010.02.12 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Webweaver
[2011.02.07 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WhiteSmoke
[2009.04.17 13:09:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WildTangent
[2009.04.06 12:04:41 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WinBatch
[2011.07.03 11:01:14 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

2. EXTRAS.TXT
OTL Logfile:
Code:
OTL Extras logfile created on: 03.07.2011 13:34:41 - Run 6
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Standard\Desktop\Tools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 59,02% Memory free
6,73 Gb Paging File | 5,73 Gb Available in Paging File | 85,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,58 Gb Free Space | 50,92% Space Free | Partition Type: NTFS

Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065DD2F7-9920-439F-BD04-0E3073B25533}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{0B4A45E2-5CFD-4367-A421-244382F6B85F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C02E0C5-C730-45F9-8905-761654C45C4C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19FE9E3E-85FF-4569-BDD9-2DDD3E02D8B9}" = rport=139 | protocol=6 | dir=out | app=system |
"{1C27ED59-8710-4B0D-81D3-7BC5A81855C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2390DA5F-FFA4-4E25-8164-F16A9C9E2864}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{244264B0-7A1F-4F91-AFFE-084BE4DCC019}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{32ABC149-73D7-4A82-8A77-4C990C7FBC1E}" = lport=138 | protocol=17 | dir=in | app=system |
"{4C795BFC-BF53-49FE-B563-0C194924175A}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D7AC7AB-C92E-4D3C-9C8F-FCC13AC552EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50EE43AD-15DA-46D3-9D61-E8AC076E637D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{554EC450-094C-43C9-ABBC-FAA54658E75A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CB26342-473C-436A-818A-D8DC91F8C91D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F207028-1998-4794-BA7C-E1A9D1C3B6DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{631D8B3A-529D-416D-97D7-8B813DF2E8ED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{64E52F38-D611-43E3-A9A1-1B251E8D6A64}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E207099-C83C-458D-AED4-B2916C048D28}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73526175-250A-4798-BAB6-6D82636F8BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{89EFE265-E1A6-4E88-9421-A3A669E63357}" = rport=445 | protocol=6 | dir=out | app=system |
"{9DFA0E9D-39C3-4D22-B3E6-32EE73ED76A5}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"{A97E9E66-E36A-4A83-ACFB-2796A1A533F2}" = rport=137 | protocol=17 | dir=out | app=system |
"{ADA6E7CA-0EBA-453C-BE48-BEB2714AD344}" = lport=139 | protocol=6 | dir=in | app=system |
"{B21D5DA9-4407-4FFD-B791-72FB4E250912}" = lport=28960 | protocol=6 | dir=in | name=cod4 |
"{B3137CA7-6526-44DF-ADBA-BD51F36991D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B42E7AEE-6A2B-4343-9461-0AB0DC54BFDD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B71098B0-C5F3-4858-986A-0EBC051D6732}" = rport=138 | protocol=17 | dir=out | app=system |
"{BE6126A6-6ADB-4259-AD06-908C8BC5D1DA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{C71B8A78-D6B2-419A-89DB-50CE72190F8E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C967780B-3F94-4760-B0B7-F63F6DDBA795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA7DCB4F-B4AE-433A-8754-0E19DB0FEE8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DB1D00AB-4B99-47D6-80EF-A28E3F19A1DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD559780-8A6B-4BC0-BC71-B2B04EABF550}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E28EF668-EBF9-49D5-88ED-AE89CAAB5EA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F37075E6-DF8E-4CE3-8407-29548006EB07}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F390B772-40D8-4A76-A5FD-AB50DE6A1E24}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe |
"{F87DB93A-8A65-40BC-B857-B65B4BA22872}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0014C0BA-205B-4149-9B05-CB56F8A58915}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0065883F-1A8C-4049-BB2C-655E4C7925EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{05903F01-EA69-4353-9C67-9C94EEA1612C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BB9F8C3-4F11-424E-BFB3-15F548B0125A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{101C2C69-BA7E-4E1B-B48E-F61A753E6F2D}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{124E7BD5-10E7-4656-8052-A4F3AB8835C0}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe |
"{15485653-9FE8-493B-970C-CA1D515C528B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{18795C90-77AF-4158-8F40-40F42D078CC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C53FC2B-B566-4552-951D-A53628B51D17}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{25EE3E7C-763D-4185-B9EB-CEA780989E0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{28473026-2D1B-4B77-BA84-A0E5A2704323}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{30BB68EA-0214-404F-BCE5-41BE3FF888AE}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{30E64870-44A9-4CB1-9B14-022684A60092}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{32A61BFF-3438-4AE3-AE81-BC950957B6D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3791B316-7D65-4CA0-B0A8-FAF740333710}" = protocol=6 | dir=out | app=system |
"{3FCBC69B-B200-4D06-86F4-2585B4E2B40A}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe |
"{3FF7E4F4-1BD6-4F05-812B-CAD61DFE9F36}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{4157F447-19CF-40DB-8335-98EF1A108E7C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{4A65E5CC-988B-407B-B52D-86B9AA240978}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{552CFEF1-E7AC-4F88-B2BE-3D3923DB85E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5C08BDCB-4901-4D28-BEBC-74BF2D081CFB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5E119DE7-1CBA-4835-A38B-C73660D18C12}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5E1DD7FB-1178-4F48-8CF7-FF7033109253}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{7389CCD4-CDF6-44CA-9CCE-BB46741CBEE1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{760A8222-C06E-4840-936B-E9772ABC432C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{78EC60A4-320B-496B-90ED-4AC3BF99A198}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{79B8B291-80E7-4FEF-B068-B64791611776}" = protocol=6 | dir=in | app=c:\program
files\icq7.5\icq.exe | "{816512E6-EB29-4A08-A763-F3F8B821ACF3}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | "{914D7F33-6967-429F-81A6-3BCAE17F8E82}" = protocol=58 | dir=in | app=system | "{94268DF4-9A05-4B8C-9827-1B9DCBE40164}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{9ED55FC4-B4B7-4E8A-9CBA-EE8426BAA40C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | "{A55090BD-3654-4CA8-B53A-2B245B5696BB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | "{AA0080CB-4788-4EFD-90A3-671B3D63338C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AA088164-E56B-41C3-83E2-2FF443077B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AB27CB8B-A6B2-4973-9FCD-8C2C84CE3EE0}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{AF00C150-65A5-4FF6-8E54-9AC6EDD6D7ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B0D26DA5-42DC-43F7-86D9-4EBE7028F6C4}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | "{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{BD3DE542-BFC0-4706-8BF9-F01D4DFC19B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C217537B-B728-4A63-AF21-D8BBEDD0A6D6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{CD9B160B-8168-4AD0-B412-5CE56F9B14C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D186763E-6348-4F41-9995-266F79B5B465}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{D7B0126E-A388-42F1-9E3F-0AF030D5AAE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E63AA1F5-9F20-400F-882D-B4EFCAC06DD9}" = protocol=17 | dir=in | 
app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{F5D562D9-BB0A-453C-8235-2EE11FA2CA05}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{F70A60BC-FB90-488C-9A0A-9593A5C86E02}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FD224169-2DDE-4920-98BA-87D4FCE00EE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{1252B7A3-20B5-4984-9EEC-FC575FE3D48C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{14CFB5A8-3160-455C-BBA4-8C5559078E69}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{2762A398-F718-46BF-B017-5D812D1F8D2C}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{390503DC-5D29-4BD4-BD9E-F9B7E17D7E4B}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "TCP Query User{6144204B-BEE8-4BA1-988C-6C07E207584A}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{6458BF47-D5DB-4246-ACAA-E26C67DF6FDF}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "TCP Query User{74F68D95-45CC-49D9-8A64-3AC2082985A7}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | "TCP Query User{786FF187-6C2F-4FC2-8C95-7930B451FD58}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | 
app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{7F8CDB64-BF21-4BA3-91A2-CF9D633215D2}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | "TCP Query User{872D96FE-0E56-470A-A1D8-F482D6048F2A}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "TCP Query User{A8EB65FC-DAA5-442B-AA29-18E0A7F97345}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{AA420A76-7CCE-44D4-8259-EB9908F3712E}C:\program files\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "TCP Query User{C9B165C1-843F-41F3-B36D-97BA636FA56E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{F138B2A5-F65F-4513-A1FF-FCCF7B3CDDBD}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{F377A149-BE65-4496-89CF-FEA21E562E38}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{F99B2A89-36B4-474C-BB93-C5DE3080D993}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | "TCP Query User{F9C3A6F8-F4B2-4141-A706-616A6BD14FA7}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | "UDP Query User{06EE2C64-6C67-49C8-B376-BB12EE07710B}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | "UDP Query User{29CA7137-E326-49C6-9D69-F7747D5AD4E1}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | 
app=c:\program files\skype\phone\skype.exe | "UDP Query User{2A8D35C6-001F-4884-AE7D-CC32CB63E06D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{361CA2A3-8DA2-49A4-9F06-B025BE31C50F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{39C842B5-4590-40BE-9A91-032612CBDF25}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{3BC66CCF-CEB8-4FFF-BED7-64DDE74307F3}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "UDP Query User{564ADE94-4393-477D-82AE-87271E387483}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | "UDP Query User{65503A8D-A917-4717-B542-6D5D242B1CBE}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "UDP Query User{65D4A092-3E9E-43A5-AF88-BA714B8FE44E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{885BD7D7-8898-4199-9B60-93E0D4542C68}C:\program files\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "UDP Query User{8F5E2C06-987E-41AF-8105-BD5A9EA7614C}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | "UDP Query User{BA548024-5A37-4861-BB9C-324BEB654C7C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{BEA529BB-B7C7-4F6A-A3F3-9D02FADED7EC}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program 
files\asus\gamerosd\sbs.exe | "UDP Query User{CDBB24A0-0C27-403D-9323-1580F5ACC006}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{D836FB33-9916-444D-95E2-F09E7097F5CD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{E3A6A25B-22A3-4814-B0D8-AD7E07A5BDB8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{E437B427-9A45-48F2-8160-3A63E287A3C0}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0AAFCFAF-5544-EEAF-189B-C85B138112D1}" = ATI Catalyst Install Manager 
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{283CF61A-FAB6-4690-0001-05B15D792AC7}" = freeTunes*2.0 "{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English) "{30A68EDA-53FA-43B5-8007-D18ED1F61659}" = Jollenbeck "{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = 
Java(TM) 6 Update 5 "{32BC62C5-32B9-F838-ADD4-CFEF544C6888}" = ccc-core-static "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2 "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser "{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2 "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services 
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{771ABEA0-23AF-8F8E-63FE-168779F294B6}" = CCC Help English "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes "{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01 "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8B128562-681D-4FFA-BEBF-A825985B2CB9}" = AirPlus G DWL-G510 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP 
Active Support Library "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{9F238A60-C445-4B81-8EDE-07DC924E98F8}" = HP MULTIPLE MODEM INSTALLER for VISTA "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A1399B3E-93A8-E865-EC9B-6B452E3094E5}" = Catalyst Control Center InstallProxy "{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "{BA6C526C-F50F-4F7D-920D-D55075E25C55}" = SPEED-LINK STEERING WHEEL DRIVER v4.1 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BE4D9AE7-48F8-3A24-5C68-E064153618D3}" = Catalyst Control Center InstallProxy "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common 
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client "{C92C89BB-1D11-C8D5-1584-D5259818479A}" = ccc-utility "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DB837331-6864-4B66-7248-4CB823DB4222}" = Catalyst Control Center InstallProxy "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker 
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver "{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F47C09DB-746B-2ABA-819B-8FC759034E74}" = Catalyst Control Center Graphics Previews Common "{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam AC-140 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50 "AIM_6" = AIM "Avira AntiVir Desktop" = Avira AntiVir Premium "BiosAgentPlus" = BiosAgentPlus Plugin for Netscape by eSupport.com "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN 
Adapter "CCleaner" = CCleaner "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "dlanconf" = devolo dLAN-Konfigurationsassistent "dslmon" = devolo Informer "EasyBits Magic Desktop" = Magic Desktop "Finale NotePad 2008" = Finale NotePad 2008 "FormatFactory" = FormatFactory 2.60 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Studio_is1" = Free Studio version 5.0.3 "Free Video Dub_is1" = Free Video Dub version 1.4 "Free YouTube Download_is1" = Free YouTube Download 2.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "FreePDF_XP" = FreePDF XP (Remove only) "Get Styles" = Get Styles "GPL Ghostscript 8.64" = GPL Ghostscript 8.64 "HLSW_is1" = HLSW v1.3.3.7b "ICQToolbar" = ICQ Toolbar "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at 
War(TM) "IrfanView" = IrfanView (remove only) "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200 "MegaTrainer XL_is1" = MegaTrainer XL V1.4.5.3-Beta "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de) "Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11) "NetworkActiv AUTAPF 1.1" = NetworkActiv AUTAPF 1.1 "Notepad++" = Notepad++ "Redirection Port Monitor" = RedMon - Redirection Port Monitor "s4uVoctra" = s4uVoctra "Samsung ML-191x 252x Series" = Wartung Samsung ML-191x 252x Series "Secunia PSI" = Secunia PSI (2.0.0.3003) "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6 "Uninstall_is1" = Uninstall 1.0.0.1 "Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "xvid" = XviD MPEG-4 Video Codec ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03.07.2011 04:09:10 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.07.2011 04:20:27 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 03.07.2011 04:20:27 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 03.07.2011 04:20:27 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 03.07.2011 04:20:27 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 03.07.2011 04:27:34 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel 0x4cb73436, Ausnahmecode 0xc000071b, Fehleroffset 0x00088d15, Prozess-ID 0x454, Anwendungsstartzeit 01cc395840f3f70c.

Error - 03.07.2011 04:31:09 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.07.2011 04:47:27 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel 0x4cb73436, Ausnahmecode 0xc000071b, Fehleroffset 0x00088d15, Prozess-ID 0x458, Anwendungsstartzeit 01cc395b5544be91.

Error - 03.07.2011 04:50:59 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.07.2011 05:03:54 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 31.03.2011 10:52:14 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 01.04.2011 11:39:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 01.04.2011 15:39:28 | Computer Name = Tobias-PC | Source = DCOM | ID = 10016
Description =

Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 02.04.2011 11:19:05 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 02.04.2011 11:19:07 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report > |
03.07.2011, 13:05 | #27 |
| Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow 3. Hijack log Code:
|
03.07.2011, 15:26 | #28 |
| Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow 4. Malwarebytes Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 7010
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

03.07.2011 16:23:47
mbam-log-2011-07-03 (16-23-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 475460
Laufzeit: 2 Stunde(n), 14 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Looking forward to further tips - thanks in advance! T |
03.07.2011, 18:02 | #29 |
| Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow Hello Kira, I have cleaned out the installed programs and applied updates where possible - the Windows Update function is also working again and has installed around 25 updates. Unfortunately, I am still left with the Security Center that cannot be started :-( Is there any chance of curing this bug as well? Best regards, T |
03.07.2011, 21:51 | #30 |
| Security Center cannot be activated / Google redirects / AVIRA cannot be updated / computer slow Hello Kira, after browsing the Internet for 'Security Center cannot be activated', I used the computer's service management (Computer, right-click 'Manage', ...) to set the services Security Center, Windows Defender and Windows Firewall from status disabled to automatic. With that, the Security Center error message is gone. Was that it? I would really appreciate an expert opinion - Greets, T |